Also, we just updated the pricing page to make it clearer that the Community edition can be used with commercial applications.

@jitendra-sabat

We don't have an out of the box form control for a multi-select, but you can create one using the theme customization. You should start with a custom form field with a check box form control type because it supports multiple values.

As long as the serialized version of the form is valid and matches the data type you set in the field definition, it should work.

So, start with the checkbox list, and ensure that is functional, and then you can re-write that control or style it however you want in the themed template, or via JavaScript.

@jitendra-sabat

Hiya,

You can add keys to the messages.properties file. Here's a blog post that illustrates this: https://fusionauth.io/blog/2020/09/01/theme-registration-form

In that post, the registration.data.minprice field is one of the custom fields.

This is all what the event log says:
0bb4ffd1-ffcd-4cd9-b697-0689dd727794-image.png

It seems there is a similar issue reported here:
https://fusionauth.io/community/forum/topic/835/cors-error-when-posting-to-oauth2-token/7

It's working when I use postman

Doc PR here: https://github.com/FusionAuth/fusionauth-site/pull/1427

Seems like it doesn't work until the gated unverified behavior feature is enabled.

Although this is confusing because FusionAuth accepts my new form field verification strategy setting but just ignores it.

@jlinton

Is it possible to leverage what is described in this post?

https://fusionauth.io/community/forum/topic/663/force-google-account-selection-on-every-login

Also, how entrenched are you with SAML?

@fred-fred said in Where to put SAML metadata if FA is acting as IDP?:

But it looks like this is the only place to enter SP metadata info, correct?

I'm not sure I understand what you mean.

@pete-brar

I know we've had some customers ask for this, but I'm not aware of anyone. I imagine it shouldn't be hard to write an ingester--listen to the event logs webhook and push to DataDog.

Here's a sample AWS lambda that listens to FusionAuth events and pushes them to S3: https://github.com/FusionAuth/fusionauth-example-lambda-webhook

Maybe you could re-use some of that code?

If you end up doing so, please share any findings here; I'd love to know how it went.

@nathan-0

Hmmm. That's no good!

What version of FusionAuth are you running?

What changes are you making? Have you tried making different changes?

There's also often some confusion between verify registration and verify email, so are you sure you are walking through the correct workflow?

@theo This is a good use case for entity management. You can model workspaces as entities and then grant a single user account permissions for each workspace as needed.

This is a slightly different model, because the user still has one account, though.

Here's more details: https://fusionauth.io/docs/v1/tech/core-concepts/entity-management

Note that entity management is a feature requiring a paid license.

@theo You'll want to look at step up auth.

It's documented here: https://fusionauth.io/docs/v1/tech/guides/multi-factor-authentication#step-up-auth

@theo

Yes. It should be present on the identity link object: https://fusionauth.io/docs/v1/tech/apis/identity-providers/links

The type of token returned depends on the identity provider, but for Google I believe it is the access token.

@vodinhtan1122 No, that is not correct. It should be fully supported. The only SAML functionality that is not present in the community edition is SAMLv2 IdP initiated login.

@zidstol-komp

So it sounds like you are not using FusionAuth's hosted login pages, but are building your own integration with Facebook. And then you are calling https://fusionauth.io/docs/v1/tech/apis/identity-providers/facebook#complete-the-facebook-login

Is that correct?

If so, I think you'd need to make the additional calls to Facebook to get the name and picture and then to update the FusionAuth user profile.

When you use the hosted login pages, we handle that for you, but when you build your own integration, all we do is log the user in (and possible create them and register them for your application, if configured to do so).

@marengoapp Did you see any errors in the system log files? If so, please share them here.

@mart

Thanks for the detailed repro steps. I just looked through the code and didn't see anything that indicated this behavior.

Could you do one more test for me, please? Can you check and see what happens if you don't use FUSIONAUTH_APPLICATION_CLIENT_SECRET and instead use a different variable name? Something like MY_COOL_APPLICATION_CLIENT_SECRET or something like that?

I don't think there's a collision or reserved variable, but it's worth ruling out.

Also, what version of FusionAuth are you running?

@ursache-rarress

Thanks for using FusionAuth!

Getting the password via API is not possible.

If you want to migrate away from FusionAuth and need the password hash for that purpose, you can use a database export.

In general, if you are using FusionAuth as your auth server, passwords should remain within FusionAuth and no where else.