Exposing A Local Instance To The Internet

Overview

FusionAuth lets you develop locally with a full featured auth system. To do so, install FusionAuth using one of the options, such as Homebrew or a .deb file.

There are situations where you want to expose your local FusionAuth instance to the internet. Some examples include:

  • debugging an integration with an external system
  • trying to show your custom themes to a developer on your team in a different office
  • verifying the behavior of cookies over a secure connection without setting up certificates
  • testing your login pages on a different device such as a phone or tablet

To help with these situations, use ngrok. This took exposes your local FusionAuth instance and gives it a publicly accessible URL.

To set up ngrok, do the following:

  • download and install ngrok (free registration required)
  • start your FusionAuth instance
  • run ngrok: ngrok http --request-header-add 'X-Forwarded-Port:443' 9011

You need the request header argument to avoid proxy issues from FusionAuth.

You’ll then see a screen similar to this.

ngrok                                                           (Ctrl+C to quit)
                                                                                
Add Okta or Azure to protect your ngrok dashboard with SSO: https://ngrok.com/dashSSO
                                                                                
Session Status                online                                            
Session Expires               1 hour, 59 minutes                                
Terms of Service              https://ngrok.com/tos                             
Version                       3.1.0                                             
Region                        United States (us)                                
Latency                       58ms                                              
Web Interface                 http://127.0.0.1:4040                             
Forwarding                    https://627d-131-226-35-36.ngrok.io -> http://localhost:9011
                                                                                
Connections                   ttl     opn     rt1     rt5     p50     p90       
                              0       0       0.00    0.00    0.00    0.00      

If you are exposing a local web application as well as FusionAuth using ngrok, make sure you update your Authorized redirect URLs in the Application configuration.

Security Considerations

Doing this gives anyone on the internet a path to your local machine, if they know the URL.

Shut this down when it has served its purpose.