Reactor

Introduction

FusionAuth Reactor is a powerful suite of features developed to extend FusionAuth’s core functionality.

See the Reactor Feature for a high level description.

A paid edition of FusionAuth is required to enable these features. Learn more about purchasing FusionAuth on the Pricing Page.

Features

Activate Reactor

Once a license is purchased, in order to activate your instance and enable Reactor, log into your Account and copy your License Id.

Then in your FusionAuth instance navigate to Reactor and enter your License Id under Start the Reactor.

Note: You may enter your License Id on multiple instances. However, since billing is based upon the total number of monthly active users across all licensed instances it is recommended that you only license those instances you need support for or require Reactor features for.

Immediately after activating, the Status may be Activated, pending connection. This means that the activation was successful, now FusionAuth is just obtaining a secure connection to Reactor. This may take a minute or two, but should change to Activated, securely connected after refreshing the page.

Activate Reactor

Breached Password Detection

We collected hundreds of millions of compromised usernames and passwords from numerous breached databases. FusionAuth can now check passwords to ensure that they don’t exist in any of these databases to keep your users' accounts safe from external threats that may be using this same breached data.

This password detection can be configured per tenant to detect vulnerable passwords at account creation and during password changes. You can also optionally enable breach detection during login. Performing breach detection during login may introduce additional latency to the end user. The configurable actions taken when a vulnerability is detected during login are logging for later reporting and analysis, emailing the user with a templated email, and forcing an immediate password change.

Example of end user message when they login with a breached password.

To enable and configure this feature navigate to Tenants → Edit → Password

Detailed documentation on the configuration can be found in the Tenant Documentation and the Breached Password Detection Guide.

Additionally, there is some keen insight into how the Reactor Breached Password Detection is performing on the Reactor page.

High level stats are displayed at the top of the page for the total number of passwords checked, how many vulnerable passwords have been detected, and the number of accounts that have outstanding actions required (users with unresolved vulnerable passwords). If there are any accounts that still need to take action, then a Breached Users search button will appear. Clicking this will take you to the user search page with those users displayed. From there you may investigate each user and perform additional actions, such as forcing a password reset.

At the bottom of the Reactor page is a table with the same stats broken out per tenant.

Activate Reactor

A new webhook event is available for use with FusionAuth Reactor Breached Password Detection. This event when enabled will be fired during login if the user is using a vulnerable password.

  • User Password Breach (user.password.breach), see Webhook Events for additional information.

Related Posts

Advanced Registration Forms

Advanced registration forms let you build multi-step, custom registration experiences with no coding required. You can use the administrative user interface to build your forms.

If you use the FusionAuth themed login pages for your application and the default self service registration form doesn’t meet your needs, advanced registration forms can help.

It also can improve the registration experience. Whether you want to break a form up into multiple steps, gather user consents, or have the user provide app specific profile data, advanced registration forms can help.

To use advanced registration forms, you must:

  • Create any custom form fields. This is optional, but typical.

  • Assemble the predefined and custom form fields into a series of steps. Then you compose steps into a form.

  • Configure an application to use your form for self service registration.

  • Theme the form to have a cohesive look and feel. This is optional, but highly recommended.

What is the Difference Between Advanced and Basic Registration Forms

FusionAuth has two types of registration forms: basic and advanced. Both of these allow self service registration. Basic registration is only one step; all the fields are displayed on one form. With basic registration, you can mix and match the following user data fields:

  • Birthdate

  • First name

  • Full name

  • Last name

  • Middle name

  • Mobile phone

Any displayed fields can be required for successful registration. You can choose to use a username or an email for your login identifier. A password field is displayed and required.

This is a typical registration page; you can collect information and at the end the user will be associated with the application in FusionAuth and be able to sign in. The look and feel of the registration form can be themed. Validation is limited to having fields be required, though you can also implement additional validation in theme managed client side javascript.

Basic registration forms have a subset of the functionality of advanced registration forms. With advanced registration forms, in addition to registering a user to an application, you can also:

  • Collect additional profile data and store it in FusionAuth.

  • Validate any field on the server in a variety of ways, including matching a regular expression.

  • Use more complicated fields, such as consents and confirmation fields.

  • Break a registration process into a series of less imposing steps.

Related Posts