Kickstart feedback

[glen-84]

Kickstart feedback

Description

I recently wrote a Kickstart file, and wanted to share some feedback about some things that I noticed during the process.

1. key.issuer is missing from the request body docs @ https://fusionauth.io/docs/v1/tech/apis/keys#generate-a-key.

2. When using sourceThemeId as follows:

   {
       "sourceThemeId": "75a068fd-e94b-451a-9aeb-3ddb9a3b5987",
       "theme": {
           "name": "testing",
           "templates": {
               "emailComplete": "...",
               "emailVerify": "...",
               "helpers": "...",
               "index": "...",
               "oauth2Authorize": "..."
           }
       }
   }

   The theme is created, but (a) The stylesheet is empty, and (b) All the templates are using the default text.

3. application.oauthConfiguration.generateRefreshTokens seems to default to false, not true.
4. There don't seem to be any docs for /oauth2/register @ https://fusionauth.io/docs/v1/tech/oauth/endpoints.
5. The FusionAuth URL is not available in email templates. This is quite annoying because it means that you have to hard-code the URL, so the template/kickstart is not reusable.
6. A JSON schema would have been nice. 😉
7. The Apple docs state to use the Import Private Key option, but they don't specify the key type (Elliptic).
8. Slightly confusing that API keys can be added in two ways (apiKeys and /api/api-key).

Hope this helps.

Community guidelines

All issues filed in this repository must abide by the FusionAuth community guidelines.

[mooreds]

Thank you for this!

[robotdan]

Thanks, appreciate the thoughtful feedback.

1. key.issuer is missing from the request body docs @

Opened https://github.com/FusionAuth/fusionauth-site/issues/1434.

2. When using sourceThemeId as follows:

I think this is working as designed. See https://fusionauth.io/docs/v1/tech/apis/themes#create-a-theme

sourceThemeId [UUID] OPTIONAL The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.

If you want to use a sourceThemeId and then update certain templates, you'll currently need to do a POST and then a PATCH.

3. application.oauthConfiguration.generateRefreshTokens seems to default to false, not true.

Hmm.. we'll take a look. I think it may depend upon if you create the Application in the UI or in the API - which shouldn't matter. So may be a bug.

4. There don't seem to be any docs for /oauth2/register

Sort of by design.. in that this isn't an API really - but a front end action that we control. We do document the entry point - the integration URL in the UI. And the page has some documentation in the theme doc, but not in the endpoints section because it isn't an OAuth2 endpoint that expect you to integrate with.

However.. I suppose it can behave the same as the /oauth2/authorize endpoint as far as an entry point to integrate, so perhaps we need to add it to the endpoint doc.

We'll review.

5. The FusionAuth URL is not available in email templates. This is quite annoying because it means that you have to hard-code the URL, so the template/kickstart is not reusable.

There is an open issue for this item. https://github.com/FusionAuth/fusionauth-issues/issues/457 The issue with this one is that we don't really know the end user URL for FusionAuth when we are sending emails. We'd have to add a config to indicate what you want this value to be.

6. A JSON schema would have been nice. 😉

Partially discussed here:

• https://github.com/FusionAuth/fusionauth-issues/issues/574
• https://github.com/FusionAuth/fusionauth-issues/issues/1264

7. The Apple docs state to use the Import Private Key option, but they don't specify the key type (Elliptic).

I think you're saying that the Apple doc itself does not indicate the key type that you need to know when importing into FusionAuth? If so, we can add a doc task to update our doc.

8. Slightly confusing that API keys can be added in two ways (apiKeys and /api/api-key).

Good point. The API key API /api/api-key is new-ish and came after the Kickstart doc. We'll need to update this. You do need to create at least one API key in the Kickstart config to bootstrap ourselves, but after that - I suppose you could also all the API key API - we'll need to confirm, and then update the docs.

[glen-84]

If you want to use a sourceThemeId and then update certain templates, you'll currently need to do a POST and then a PATCH.

Okay. It's slightly confusing since it still accepts the other fields, and one might expect those to override the source values.

There is an open issue for this item. #457

Ah, thanks, I didn't know about this. Up-voted.

Partially discussed here

Thanks, I should have searched. Sorry about that.

I think you're saying that the Apple doc itself does not indicate the key type that you need to know when importing into FusionAuth? If so, we can add a doc task to update our doc.

Ya, here.

[robotdan]

Okay. It's slightly confusing since it still accepts the other fields, and one might expect those to override the source values.

Yeah, I see your point. Perhaps we should be validating this as an error to let the API caller know that we will ignore the other fields. Opened GH issue to track.

• https://github.com/FusionAuth/fusionauth-issues/issues/1751

[robotdan]

Re: Apple EC key, opened GH issue to track and update our Apple IdP doc.

• https://github.com/FusionAuth/fusionauth-site/issues/1446

[robotdan]

A JSON schema would have been nice.

Thanks, I should have searched. Sorry about that.

Ha.. no problem, there are a lot of issues to search through and I know not everyone has them memorized yet.