- 186
- 1 106 381
FusionAuth
United States
Приєднався 29 жов 2018
Stop worrying about Auth
FusionAuth seamlessly plugs into your applications and is fully customizable for your needs. We'll handle the auth so you can focus on your business.
The best part? You get awesome support with pricing that doesn't break the bank.
FusionAuth seamlessly plugs into your applications and is fully customizable for your needs. We'll handle the auth so you can focus on your business.
The best part? You get awesome support with pricing that doesn't break the bank.
Add Passkeys to FusionAuth Community Edition
Get up and running with FusionAuth Community Edition and easily add passkeys to your account. Follow this quick tutorial and start securing your applications today.
fusionauth.io/docs/lifecycle/authenticate-users/passwordless/webauthn-passkeys
00:00 Introduction
00:39 Setting Up FusionAuth
01:34 Creating a New Application
03:30 Enabling WebAuthn
05:13 Passkey Registration
06:03 Logging In
06:32 Conclusion
fusionauth.io/docs/lifecycle/authenticate-users/passwordless/webauthn-passkeys
00:00 Introduction
00:39 Setting Up FusionAuth
01:34 Creating a New Application
03:30 Enabling WebAuthn
05:13 Passkey Registration
06:03 Logging In
06:32 Conclusion
Переглядів: 111
Відео
Authorization Code Grant Simple Demo
Переглядів 893 місяці тому
In this video, we will guide you through the intricacies of the Authorization Code Grant flow using FusionAuth's sandbox environment. This simple example aims to be accessible to everyone, so follow along as we dive into the details. fusionauth.io/blog/understanding-the-authorization-code-grant 00:00 Introduction 00:26 Authentication Flow 01:28 Key Features 02:00 Conclusion
FusionAuth on Render
Переглядів 8014 місяці тому
Ever wanted to host FusionAuth on Render.com? We'll show you step-by-step how to do it, including setting up a proxy and PostgreSQL backend. Let's dive in and make it happen! fusionauth.io/blog/fusionauth-on-render 00:00 Introduction 00:28 Setting Up PostgresSQL Database 01:16 Deploying Web Service 02:22 Environment Variables 04:00 Network Configuration 05:29 Admin User Setup 06:05 Proxy Endpoi...
Users In FusionAuth
Переглядів 1154 місяці тому
FusionAuth supports unlimited users. You can create them manually or have them register themselves. You can search and manage users in the administrative user interface. More on users here: fusionauth.io/docs/v1/tech/core-concepts/users/
Demo of single sign-on with FusionAuth
Переглядів 2834 місяці тому
Demo of single sign-on with FusionAuth
FusionAuth Pricing: The Three questions you should be asking!
Переглядів 1455 місяців тому
FusionAuth Pricing: The Three questions you should be asking!
FusionAuth Simple Themes Walkthrough
Переглядів 2145 місяців тому
FusionAuth Simple Themes Walkthrough
Hack Em | Wealthy Contestants Get Their Accounts Hacked
Переглядів 32 тис.8 місяців тому
Hack Em | Wealthy Contestants Get Their Accounts Hacked
FusionAuth Multi-Factor Authentication
Переглядів 63411 місяців тому
FusionAuth Multi-Factor Authentication
FusionAuth Passwordless Authentication
Переглядів 24311 місяців тому
FusionAuth Passwordless Authentication
FusionAuth Identity Provider Hints and Managed Domains
Переглядів 16611 місяців тому
FusionAuth Identity Provider Hints and Managed Domains
Migrate Users Easier using FusionAuth's Connector API
Переглядів 29411 місяців тому
Migrate Users Easier using FusionAuth's Connector API
AWS re:Invent booth #152 is on 🔥 #programming #aws #amazonwebservices #amazon
Переглядів 52Рік тому
AWS re:Invent booth #152 is on 🔥 #programming #aws #amazonwebservices #amazon
Setting Up FusionAuth in (about) 5 Minutes - Docker
Переглядів 1,8 тис.Рік тому
Setting Up FusionAuth in (about) 5 Minutes - Docker
Setting Up FusionAuth in (about) 5 Minutes - Sandbox
Переглядів 145Рік тому
Setting Up FusionAuth in (about) 5 Minutes - Sandbox
Setting Up FusionAuth in (about) 5 Minutes - Fastpath
Переглядів 581Рік тому
Setting Up FusionAuth in (about) 5 Minutes - Fastpath
Best Practices for OAuth and Mobile Apps
Переглядів 2,2 тис.Рік тому
Best Practices for OAuth and Mobile Apps
Adding Magic Links to Your Next.js App Using FusionAuth
Переглядів 492Рік тому
Adding Magic Links to Your Next.js App Using FusionAuth
The Insecurity of OAuth 2.0 in Frontends
Переглядів 948Рік тому
The Insecurity of OAuth 2.0 in Frontends
FusionAuth Demo: Lambdas, Users, WebAuthn
Переглядів 1,7 тис.Рік тому
FusionAuth Demo: Lambdas, Users, WebAuthn
Finding the FusionAuth Signing Certificate for PagerDuty SSO Configuration
Переглядів 155Рік тому
Finding the FusionAuth Signing Certificate for PagerDuty SSO Configuration
WebAuthn: The re-authentication workflow
Переглядів 452Рік тому
WebAuthn: The re-authentication workflow
But Enabling self-service registration, user from different application within the same tenant is able to Log in. How to avoid this using only the interface ?
good solution
I also find the current monetization schemes of some providers quite repugnant. Stuck with Entra Id currently at work but running both KeyCloak and FusionAuth on my personal K8s cluster. Been enjoying the experience with FusionAuth quite a bit. KeyCloak is also a great piece of software but I think the option of starting with FusionAuth self hosted Community plan and moving to hosted plans a offers a better route to align needs and capacity costs in the long term. Definitely my first choice for future potential business ventures. Couple of other thoughts / questions: .NET auth story is currently a bit in a weird state after IdentityServer4 -> Duende, I think you might find potential customers there and probably already have. Do you have a plan to target the Vercel + Clerk / Auth0 crowd where everything is fun and pretty much free until the capacity costs hit you in the face. What's the risk of FusionAuth being acquired by evil corp A / B / C, since like with Auth0 that's when stuff goes downhill? Cheers!
"starting with FusionAuth self hosted Community plan and moving to hosted plans a offers a better route to align needs and capacity costs in the long term. Definitely my first choice for future potential business ventures." -- Awesome to hear, we agree. Good insight with the .NET auth. story. Keeping an eye on it. Not sure what you mean a "plan to target...." In general, we try to make the developer community aware of our product offering and pricing (finding the right level of licensing and support for your situation, as you mentioned above). Once they understand that, they can make the right decision for themselves and we are here for them. "What's the risk of FusionAuth being acquired by evil corp A / B /C..." While I can't say the risk is zero throughout the rest of time, we like our business model and service. It has made us successful and who we are today as a company. As a business we want to continue being successful and grow while providing great service and an outstanding product at a price point that makes sense. In the small chance that something like an acquisition by an evil company happens, we fully expect our customers and community to hold us accountable and that's why I don't think something like that is going to happen. And if you are really worried, one of the nice things about FusionAuth is that you can grab all your data any time you need.
wow, in one sentence weeks of studying made sense. ( SSO exists within your organization, while FIM exists across multiple organizations) Thanks!
Well said!
Thanks
hwo do u manage the auth provider info with it like playgames ,apple etc
Do... do you realize i cant read that text? its blocked by youtube shorts itself... also, holy crap, get better audio!
Thanks for the feedback.
why is that so LOUD?!?
Loud as compared to what other videos? We can take a look into it.
2 seconds in, and i gotta say, that audio quality is *_shit_* You're a company. Do better. Also, why does it sound sped up?
The video is trying to convey a lot of information quickly and effectively. We will take the feedback into consideration. Thanks for checking out the videos.
My company uses FusionAuth and I was working on an additional integration recently. It was a TERRIBLE experience, thanks to your captcha mechanism you're using. My task is quite difficult, I need to focus a lot, and yet you have been distracting me dozens of times with Captchas - hats, curtains, buckets, etc. And many of them require few tries to pass it. AND - I was logged in to the panel at the same time. Why you even needed to check if I'm a bot if I'm logged in? So frustrating.
CAPTCHA is used as a security measure to distinguish between human users and bots. I am sorry to hear you had a terrible experience. Whatever actions you were taking must have been similar to actions a bot might take. If you contact support and explain what you were trying to do, they may be able to help prevent so many showing up in the future.
Also, T.J. Miller did not go unnoticed.
Occasionally Mr. Bachman shows up around these parts.
This was just what I needed. Helpful!
Glad it was helpful! 🎉
We use ituran for tracking vehicles. :0
Nice, we hope your login is easy :D
I love the versatility!
Wait until our next release, it is going to be super easy to theme them on your own!!
At 36:40 , you said that the APIs are often "external." But it seems that many people use the BFF architecture (not in the security sense of the term) for their SPAs, such as angular frontend, spring boot backend or react frontend, node backend, and so on. And often there is an internal database where the direct contact with that databse is delegated to the backend. So often people set up their backend as a RESTful api for only their frontend to call. Often those api calls are just pushing and pulling data from the database. A CRUD app. And then there may be some 3rd party apis which the backend calls. In regard to the BFF security pattern, I can't find much information on what we are supposed to do with our own internal api which already exists on the backend (the ones for interfacing with the database). In my current SPA (angular frontend and spring boot backend), the frontend is the oauth client and sends the auth token to the backend to call its own api (using OIDC for login). How does the BFF security pattern change this part? I can see how it works with 3rd party apis (in that case, I have a backend, so just run the oauth flow in the existing backend when I need to call a 3rd party api). But how do I now secure my backend's own api? Do I now need an additional server (so two backends) or a gateway?
If you are trying to secure your backend and require the use of an API key this might be best. If you are just basing it on purly the JWT you could base it on the issuer, audience, and any claims you need to guarantee the call is safe. You can see more on how to accomplish Authorization and Securing your Application fusionauth.io/docs/get-started/core-concepts/authentication-authorization#authorization-and-securing-your-application
Hi and many thanks for producing these contents. I have a question, I am running a self-hosted FusionAuth on docker, but we need to pay for the registration form feature, did I get that right?
FusionAuth has two types of self-service registration, Basic and Advanced. The Basic is free with all plans. The Advanced registration requires a paid plan. fusionauth.io/blog/announcing-fusionauth-1-47#preferred-languages-on-the-basic-registration-form has a little more info for you if you are interested.
Question but in form of suggestion: why do not adding a link to the referred blog in the description?
Great suggestion! Added the link for react blog on oauth.
Thanks, practice example with python is appreciated
IDK why but for some reason I get a connection refused error message although I am using @fusionauth/typescript-client and everything looks good to me but I cannot register a user. But thanks for this video and sharing it.
You may want to check if you have any firewalls up and running. Are you able to log into the admin interface OK? If you'd like some help troubleshooting, please let us know.
@@FusionAuth Thanks, I diagnosed it, I was using localhost:9011 instead of fusionauth:9011 since my backend app and fusionauth was dockerized with docker compose. So it was more of a networking issue and using service name instead of hostname (in my dockerized backend container localhost refers to the container and since I was using localhost it was not able to connect to port 9011 on the container and that was absolutely correct, but when I use service name docker knows how to proxy my request from my backend container to fusionauth container)
How to add additional fields
I think that is addressed at about 1:50 in the video. Are you looking for something else?
@@FusionAuth Thank you but it would have been better if you added one additional fields and show how the exported users list looks like
Thank you!
Do the templates include token management?
Depends what you mean by token management. For the most part, it does handle getting the token and information from it into objects you can use.
Thank you again for such a great session
Thank you for this great and informative session.
Hello! Is it possible to use FusionAuth to serve as authentication for a RADIUS implementation (either Windows Server Network Policy Server or FreeRadius)? Thanks
FusionAuth doesn't support RADIUS at this time. Please feel free to file a feature request here: github.com/fusionauth/fusionauth-issues/issues We do support LDAP through our connectors, a paid edition feature. More here: fusionauth.io/docs/v1/tech/connectors/ldap-connector/
very nice
thanks!
Can you have it export with the date at which they signed up and last signed in?
According to the documentation firebase.google.com/docs/auth/admin/manage-users you can access that information so you should be able to pull that over.
Hi! Have you managed to do that? I'm trying to do the same thing or to sort them by the date they signed up, but I can't find the way to do it.
PHP still rocks! 🐘
and so do you!
Any reverse proxy config examples?
Sure, there are a number of community supported reverse proxy configuration examples here: github.com/FusionAuth/fusionauth-contrib/tree/master/Reverse%20Proxy%20Configurations There's also a reverse proxy guide here: fusionauth.io/docs/v1/tech/admin-guide/proxy-setup
@@FusionAuth Thank you so much for your response. Ill check it out asap.
@@TheGreatestMajesty great! Let us know if you have other questions.
BFF : what is the nature of the sessions that map the user to their tokens? is it IP based?!
Hiya, usually it is cookie based for web apps. For a mobile app it might be some other unique device indicator.
I have a webapi developed in NET 6 with swagger client. I define a lamba function of type jwt populate that set a couple of custom claims but when .NET doesn't see any claims. Any idea ? Thanks
Would you mind heading over to fusionauth.io/community/forum/ and sharing some of the code you are trying to use to populate the custom claims and the code to read them in the application?
Wow, this made more sense to me than the 7 pages in my textbook did. Alll i needed was that google analogy. Big thanks 👍
That is great news! Hopefully it is just adding to that book of knowledge 😉
Also very good teaching style. Well done! 👏🏻🙏🏻
Glad you liked it!
Thank you so much! Very valuable info.
Glad it was helpful!
Great demo, thank!
Glad you liked it!
good clear walk-thru, thanks!
Is this code open source
Sure. You can view the code here: github.com/fusionauth/fusionauth-example-react-native-0-71
I want to be able to browse my authenticated website after this integration(Which I have completed). I am able to browse my web account in android but when I am opening it on IOS its asking me to signin. is there any practical example to do that?
Hmmm. Cookies should be stored in the system browser. How are you accessing the authenticated website? Also, how does the authenticated website check for if a user is logged in?
Great Login Example ua-cam.com/users/clipUgkx4D8bgn24nyOfJtKGDK_YJeUlvG6cqr9S
Nerd knobs are my favorite!
It is probably our favorite type of knob for sure!
Thank you sir
keep in mind that with the newer versions of fusionauth, you need the api key string, not the key ID, in the authorization header.
Thanks MPR. It's a bit confusing, but in this video a UUID is used as an API key value. Any string can be an API key value (a UUID, 'super-secret' or a high entropy string). We agree it is confusing.
Well done guys. I wasn't that hopeful at the start but I guess first impressions don't always count
thank you bro.
Thank you! Will those user UIDs work on a new project? Or authentication will create new users with new UIDs?
Firebase user ids are random strings, but FusionAuth user ids are UUIDs. So each user who is imported will have a UUID assigned, as well a firebase id stored in the FusionAuth user.data field. You can query on the latter, but the former is what will be used for all operations requiring a user id. Does that help?
awesome, nice explanation :)
Thanks. Very helpful.
Prⓞм𝕠𝕤𝐌 👉
Amazing i hope you keep it up!
Thanks for reading this 1:50