@theo

Yes. It should be present on the identity link object: https://fusionauth.io/docs/v1/tech/apis/identity-providers/links

The type of token returned depends on the identity provider, but for Google I believe it is the access token.

@vodinhtan1122 No, that is not correct. It should be fully supported. The only SAML functionality that is not present in the community edition is SAMLv2 IdP initiated login.

@zidstol-komp

So it sounds like you are not using FusionAuth's hosted login pages, but are building your own integration with Facebook. And then you are calling https://fusionauth.io/docs/v1/tech/apis/identity-providers/facebook#complete-the-facebook-login

Is that correct?

If so, I think you'd need to make the additional calls to Facebook to get the name and picture and then to update the FusionAuth user profile.

When you use the hosted login pages, we handle that for you, but when you build your own integration, all we do is log the user in (and possible create them and register them for your application, if configured to do so).

@marengoapp Did you see any errors in the system log files? If so, please share them here.

@mart

Thanks for the detailed repro steps. I just looked through the code and didn't see anything that indicated this behavior.

Could you do one more test for me, please? Can you check and see what happens if you don't use FUSIONAUTH_APPLICATION_CLIENT_SECRET and instead use a different variable name? Something like MY_COOL_APPLICATION_CLIENT_SECRET or something like that?

I don't think there's a collision or reserved variable, but it's worth ruling out.

Also, what version of FusionAuth are you running?

@ursache-rarress

Thanks for using FusionAuth!

Getting the password via API is not possible.

If you want to migrate away from FusionAuth and need the password hash for that purpose, you can use a database export.

In general, if you are using FusionAuth as your auth server, passwords should remain within FusionAuth and no where else.

@stephen-saucier-0, This was resolved in 1.36.

https://github.com/FusionAuth/fusionauth-issues/issues/1585

In general, you'll use the JSON defined in the API documentation to build the request. Unfortunately, the Search Event Logs API doc doesn't have sample JSON (I filed an issue) but it does have the fields: https://fusionauth.io/docs/v1/tech/apis/event-logs#search-event-logs

You can also find the EventLogSearchRequest in the client code:

https://github.com/FusionAuth/go-client/blob/master/pkg/fusionauth/Domain.go#L1545

This points at https://github.com/FusionAuth/go-client/blob/master/pkg/fusionauth/Domain.go#L1534

However, I'm not sure searching event logs gets you what you are trying to accomplish:

My goal is to grab all the last events, login..., from a specific user based on his email by example.

You probably want to search login records: https://fusionauth.io/docs/v1/tech/apis/login#search-login-records

https://github.com/FusionAuth/go-client/blob/master/pkg/fusionauth/Domain.go#L3145

https://github.com/FusionAuth/go-client/blob/master/pkg/fusionauth/Domain.go#L3134

@vindhyahegde2114

At this time, SSO is only supported if you use the hosted login pages:

Additionally, when you use the hosted login pages, FusionAuth provides transparent single sign on (SSO) between applications as well as support for localization of the user interface.

https://fusionauth.io/docs/v1/tech/core-concepts/integration-points#hosted-login-pages

There's an open issue to expose SSO management via an API: https://github.com/FusionAuth/fusionauth-issues/issues/1515

Please vote it up and/or add a comment about your use case if you'd like.

As a reminder, here's our roadmap guidance: https://fusionauth.io/docs/v1/tech/core-concepts/roadmap

@dan Thank you, yes I can use lamba, i did give it a try and it works fine 🙂
The authentication type does works too, but maybe more in a "workaround way".

Thanks

@dan Good afternoon... Thanks for answering... Yeah, it is duplicated.. Sorry it is the first time for me using the FA Forum and Because of that i made the mistake to duplicate the POST.

So, please go ahead and remove this one. Thank you

Also, they are not encrypted, they are just UUIDs being stored in a compact fashion.

@maxfusion said in How to implement invitation flow from a shareable link?:

Will that approach work when user signs up with FB/Google/Apple/etc identity providers?

It should.

Glad you found a way that worked for you.

@innocent-dzapasi Ah, that is quite an old version. (Over 2 years old).

What is in the system logs?

@garveymozga33 Thanks for your feedback. The basic cloud plan does not currently include backups and is not intended for production use.

@andres-garcia Do you mean for a given user? Or in general?

In general, you want to set the Tenant Session Timeout setting: https://fusionauth.io/docs/v1/tech/core-concepts/tenants#oauth

I believe that redirecting the user to the FusionAuth authorize url will extend the session (and the doc above implies it: The length of time an SSO session can be inactive before it is closed.).

I'd have to test that behavior.

Have you tried it?

@sswami

Do you have a support plan? If so, the best way to get support is to open a ticket: https://account.fusionauth.io/account/support/

@dan This was delivered in 1.27.0