Features

FusionAuth gives you the control and power you need to secure your app and manage your users quickly and efficiently. 

Architecture

  • Single-tenant deployment
  • Support for multi-tenant applications
  • White-label identity
  • On-premise, public and private cloud options
  • Multiple application support
  • Built for web-scale - supports millions
    of users
  • Choice of MySQL or PostgreSQL
  • Multi-platform: Linux, macOS
    and Windows
  • Regular security audits
  • Integrated server security (when hosting is provided by FusionAuth)
  • Data regulation compliance
    (GDPR, HIPAA, COPPA, etc.)

Authentication

  • Authentication for web, mobile, desktop, and console applications
  • OAuth version 2.0 support
  • OpenID Connect support
  • One-time use tokens with timeout
  • Single sign-on (SSO)
  • Federated logins (e.g. Active Directory)
  • Multi-factor authentication
  • Code-based MFA
  • Push SMS-based MFA
  • Brute-force login detection w/ account locking
  • Social login compatible
  • Remember this device
    (trust and refresh tokens)
  • Application authentication tokens

Authorization

  • Authorization and permission control
  • Role-based access control (RBAC)
  • Group access controls
  • IOT authorization
  • OAuth version 2.0 authorization
  • OpenID Connect authorization

REST API

  • Complete feature access
  • JSON data format
  • Configurable API keys
  • Tenant-specific API keys
  • Granular API key permissions
  • JWT support

User Management

  • User-friendly web UI
  • Multi-tenant user management
  • Moderation tools and account locking
  • User search and segmentation
  • Gravatar support
  • Discipline and reward capabilities
  • Unlimited users and groups
  • User commenting

Password Control

  • Full unicode character support
  • Configurable password constraints
  • Default strong password hashing
  • Configurable password hashing (algorithm and strength)
  • One-way password hashing
  • Configurable password reuse policies
  • Pluggable password hashing
  • Email-based password reset
  • Automated new user password setup
  • Password validation

User Data

  • Standard default user data fields
  • Global custom user data
  • Application-specific custom user data
  • Searchable user data
  • Preferred language support
  • Username profanity filter
    (via CleanSpeak integration)

Email

  • Brandable standard email templates
  • Replacement variables in email templates
  • Customized email template builder
  • Email localization
  • Configurable SMTP server
  • Registration verification via email
  • Email verification

Webhooks and Events

  • Full webhook support
  • Transactional control over webhooks
  • Kafka support
  • Preconfigured system events
  • Time-based custom events
  • Atomic custom events
  • Account locking via events

Reporting

  • Daily active users
  • Monthly active users
  • Logins
  • Registrations
  • Total counts
  • Audit log
  • Custom reporting capability

Support Options

  • Email, phone and remote debugging support
  • On-Site support
  • Enterprise support
  • Online documentation

Migration Tools

  • Bulk import
  • Password-safe data import
  • Custom migration services

Contribute to our Roadmap

We want your input to help us prioritize our resources. We are tracking feature requests on Github. Click any of the features below to vote on them or use our Github issue list to submit additional ideas.