15 changes: 15 additions & 0 deletions .github/workflows/closedissues.yml
Expand Up @@ -30,3 +30,18 @@ jobs:
count=`src/scripts/check-for-closed-github-issues-in-docs.sh`
exit $count
shell: bash
send_mail_on_failure:
needs: check_closed_github_issues
runs-on: ubuntu-latest
if: ${{ failure() }}
steps:
- uses: dawidd6/action-send-mail@v3
with:
server_address: ${{secrets.MAIL_HOST}}
server_port: ${{secrets.MAIL_PORT}}
username: ${{secrets.MAIL_USERNAME}}
password: ${{secrets.MAIL_PASSWORD}}
subject: Failed linkcheck2
to: ${{secrets.WEBSITE_SLACK_CHANNEL_NOTIFICATION_EMAIL}}
from: FusionAuth GitHub Actions <noreply@fusionauth.io>
body: "Closed issue check failed, https://github.com/FusionAuth/fusionauth-site/actions/workflows/closedissues.yml has more."
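Review bot: `uses: dawidd6/action-send-mail@v3` in the new `send_mail_on_failure` job references a third-party action by a mutable tag while passing it `secrets.MAIL_USERNAME` and `secrets.MAIL_PASSWORD`; pin the action to a full commit SHA so that a moved tag cannot run with the SMTP credentials. No job-level `permissions:` is visible in the hunk, and a job that only sends mail can run with `permissions: {}`. Separately, `subject: Failed linkcheck2` does not match the body ("Closed issue check failed"); a subject that names the closed-issue check would make the notification easier to triage.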
Expand Up @@ -11,6 +11,6 @@ import APIField from 'src/components/api/APIField.astro';

{props.idp_type === 'Google' && <>
<span class="text-green-600">Since 1.44.0</span> <br/>
<strong>If you are using a version of FusionAuth older than 1.44.0</strong>, <code>UsePopup</code> won't work. <code>UseRedirect</code> will continue to work after this date. Please see <a href="https://github.com/FusionAuth/fusionauth-issues/issues/1939">Issue #1939</a> for more. This <a href="/community/forum/topic/2329/upcoming-google-identity-provider-changes">forum post</a> has more details on an available workaround and upgrade process.
<strong>If you are using a version of FusionAuth older than 1.44.0</strong>, <code>UsePopup</code> won't work. <code>UseRedirect</code> will continue to work after this date. Please see [the 1.44.0 release notes](/docs/release-notes/#version-1-44-0) for more information. This [forum post](/community/forum/topic/2329/upcoming-google-identity-provider-changes) has more details on an available workaround and upgrade process.
</>}
</APIField>
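Review bot: The replacement line switches from `<a href=...>` to Markdown link syntax (`[the 1.44.0 release notes](/docs/release-notes/#version-1-44-0)`) inside the `{props.idp_type === 'Google' && <>` expression, where the rest of the sentence is raw HTML (`<strong>`, `<code>`). Markdown is not parsed inside a JSX expression, so both links will most likely render as literal bracket text; keep them as `<a href="/docs/release-notes/#version-1-44-0">` and `<a href="/community/forum/topic/2329/...">` as the removed line did.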
Expand Up @@ -192,5 +192,5 @@ If you wish to enable an [invisible reCAPTCHA](https://developers.google.com/rec
```

<Aside type="note">
On versions of FusionAuth prior to 1.46.0 you will need to update the JavaScript in order to properly handle the form submit for invisible reCAPTCHA. See [this GitHub issue](https://github.com/FusionAuth/fusionauth-issues/issues/2237) for more information.
On versions of FusionAuth prior to 1.46.0 you will need to update the JavaScript in order to properly handle the form submit for invisible reCAPTCHA. See [the 1.46.0 release notes](/docs/release-notes/#version-1-46-0) for more information.
</Aside>
@@ -1,4 +1,4 @@
An Application's OAuth configuration allows you to specify the logout behavior of an application as either "All applications" or "Redirect only."
Specifying the default value of "All applications" will call the configured logout URL for each application in the Tenant _except_ for the FusionAuth admin application.

As of version 1.37, this is no longer a limitation. See the [GitHub issue](https://github.com/FusionAuth/fusionauth-issues/issues/1699) for more information.
As of version 1.37.0, this is no longer a limitation. See [the release notes for version 1.37.0](/docs/release-notes/#version-1-37-0) for more information.
Expand Up @@ -15,8 +15,6 @@ Since it is a managed service, there are additional limitations as well:
* There is no support for proxy customization to add, for example, [tenant routing](/docs/operate/deploy/proxy-setup#proxies-and-tenants). To accomplish such goals, add your own proxy layer such as CloudFlare, with FusionAuth Cloud as an origin. Make sure you configure the [trusted proxies](/docs/operate/secure-and-monitor/networking).
* You cannot modify `X-Forwarded-Port` or `X-Forwarded-Proto`. For example, you can't proxy a FusionAuth Cloud instance to make it appear as if it was running at `http://localhost` or another non-TLS endpoint.
* Use of port 25 is not allowed. To connect to an SMTP server such as Mailgun or SES, use a different port.
* The IP addresses of a FusionAuth Cloud deployment are not fixed. Whenever possible, use the domain name, which is fixed. If you need IP addresses of the FusionAuth service nodes, follow the instructions in the [Deployment IP Addresses](/docs/get-started/run-in-the-cloud/cloud#deployment-ip-addresses) section found above. Be aware that even after determining the assigned IP addresses, they are subject to change.
* Please upvote or comment on this [open issue about static IP addresses in FusionAuth Cloud](https://github.com/FusionAuth/fusionauth-issues/issues/1393).
* If you are on FusionAuth Cloud and you find that some requests are failing with a `429` status code, you are being rate limited. This isn't intentional, but an automated part of our infrastructure to ensure FusionAuth Cloud performance and security. [Learn more here](/docs/get-started/run-in-the-cloud/cloud#captcha-and-rate-limits), including how to avoid rate limiting for certain servers.
* If you want to run Advanced Threat Detection, an Enterprise feature, you'll need a cloud deployment with sufficient memory. It must be a Large or X-Large.
* With HA and other multi-node deployments, requests are passed through a load balancer. When making requests to node specific metrics endpoints such as `/api/status` or `/api/prometheus/metrics` each request may return different results because the response is specific to the service node responding to the request. Using these endpoints to monitor a deployment is not recommended.
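Review bot: The hunk header (`-15,8 +15,6`) shows two lines removed from this limitations list, but only the "Please upvote or comment" sub-bullet links to a GitHub issue. If the other removed line is the parent bullet "The IP addresses of a FusionAuth Cloud deployment are not fixed", the page loses the warning that addresses are subject to change, which readers maintaining firewall allowlists depend on. Removing only the sub-bullet and keeping the parent would still satisfy the closed-issue check.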
Expand Up @@ -8,6 +8,7 @@ tertcategory: identity providers
quatercategory: social
tags: auth as a service
---
import Breadcrumb from 'src/components/Breadcrumb.astro';
import InlineField from 'src/components/InlineField.astro';
import InlineUIElement from 'src/components/InlineUIElement.astro';
import IdpApplicationConfiguration from 'src/content/docs/_shared/_idp-application-configuration.astro';
Expand All @@ -33,17 +34,17 @@ Ensure you have a Google login, and then navigate to the [Google Cloud console](

## Create Google OAuth client credentials

In the Google Cloud console, find the APIs & Services Credentials by navigating to <strong>APIs and Services -> Credentials</strong>.
In the Google Cloud console, find the APIs & Services Credentials by navigating to <Breadcrumb>APIs and Services -> Credentials</Breadcrumb>.

If you are prompted to select or create a project, do that now. In the following example I will need to create my first project before I can create credentials. I will call the project `Pied Piper`.

![Create Google Cloud Project](/img/docs/lifecycle/authenticate-users/identity-providers/social/google-cloud-create-project.png)

Now that you have selected or created your first project, navigate to <strong>APIs & Services -> Credentials</strong> and then click on <strong>Create credentials</strong> and select <InlineField>OAuth client ID</InlineField>.
Now that you have selected or created your first project, navigate to <Breadcrumb>APIs & Services -> Credentials</Breadcrumb> and then click on <InlineUIElement>Create credentials</InlineUIElement> and select <InlineField>OAuth client ID</InlineField>.

![Create Credentials](/img/docs/lifecycle/authenticate-users/identity-providers/social/google-cloud-create-credentials.png)

If you see an alert indicating you first need to configure the content screen, do that now by clicking on <strong>Configure consent screen</strong>.
If you see an alert indicating you first need to configure the content screen, do that now by clicking on <InlineUIElement>Configure consent screen</InlineUIElement>.

![Configure Consent](/img/docs/lifecycle/authenticate-users/identity-providers/social/google-cloud-configure-consent.png)

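Review bot: The rewritten sentence still says "configure the content screen" while the control it points to is `<InlineUIElement>Configure consent screen</InlineUIElement>`; since the line is being changed anyway, correct "content" to "consent". The first `<Breadcrumb>` in this hunk also reads "APIs and Services" where the next one reads "APIs & Services"; use one form of the label in both.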
Expand Down Expand Up @@ -77,7 +78,7 @@ These same scopes should be referenced in the IdP configuration in FusionAuth, w

Then, click `Save and continue` after optionally adding any test users.

Navigate to <strong>APIs & Services -> Credentials</strong> and then click on <strong>Create credentials</strong> and select <InlineField>OAuth client ID</InlineField>.
Navigate to <Breadcrumb>APIs & Services -> Credentials</Breadcrumb> and then click on <InlineUIElement>Create credentials</InlineUIElement> and select <InlineField>OAuth client ID</InlineField>.

Select <InlineUIElement>Web application</InlineUIElement> from the <InlineField>Application Type</InlineField> field.

Expand All @@ -101,7 +102,7 @@ Now you have completed creating a Google OAuth client credential. If you select

## Create a Google Identity Provider

The last step will be to create a Google Identity Provider in FusionAuth. To create an Identity Provider navigate to <strong>Settings -> Identity Providers</strong> and click the menu in the upper right corner and select `Add Google`.
The last step will be to create a Google Identity Provider in FusionAuth. To create an Identity Provider navigate to <Breadcrumb>Settings -> Identity Providers</Breadcrumb> and click the menu in the upper right corner and select <InlineUIElement>Add Google</InlineUIElement>.

This will take you to the `Add Google` panel, and you'll fill out the `Client Id` and `Client secret` required fields using the values found in the Google Cloud console. Provide the scopes needed for your application which you configured in the Google Console above. The button text is also required but it will be defaulted to `Login with Google`, you may optionally modify this default value.

Expand Down Expand Up @@ -131,7 +132,7 @@ This will take you to the `Add Google` panel, and you'll fill out the `Client Id

<span class="text-green-500">Since 1.44.0</span>

**If you are using a version of FusionAuth older than 1.44.0**, `Use popup for login` won't work. `UseRedirect` will continue to work after this date. Please see [Issue #1939](https://github.com/FusionAuth/fusionauth-issues/issues/1939) for more. This [forum post](/community/forum/topic/2329/upcoming-google-identity-provider-changes) has more details on an available workaround and upgrade process.
**If you are using a version of FusionAuth older than 1.44.0**, `Use popup for login` won't work. `UseRedirect` will continue to work after this date. Please see [the notes for release 1.44.0](/docs/release-notes/#version-1-44-0) for more information. This [forum post](/community/forum/topic/2329/upcoming-google-identity-provider-changes) has more details on an available workaround and upgrade process.
</APIField>
<APIField name="Button text" required>
The text to be displayed in the button on the login form. This value is defaulted to `Login with Google` but it may be modified to your preference.
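Review bot: The replacement sentence keeps "`UseRedirect` will continue to work after this date" although no date appears in the paragraph, and it pairs the UI label `Use popup for login` with the identifier-style name `UseRedirect`. State the condition by version, as the sentence already does with "older than 1.44.0", and name both options in the same style. The link text here ("the notes for release 1.44.0") also differs from the same link in the earlier APIField hunk ("the 1.44.0 release notes").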
Expand All @@ -153,7 +154,7 @@ This will take you to the `Add Google` panel, and you'll fill out the `Client Id
<APIField name="Reconcile lambda" optional since="1.17.0">
A lambda may be utilized to map custom claims returned from Google.

To configure a lambda, navigate to <strong>Customizations -> Lambdas</strong>.
To configure a lambda, navigate to <Breadcrumb>Customizations -> Lambdas</Breadcrumb>.
</APIField>
<APIField name="Debug enabled" optional defaults="false">
Enable debug to create an event log to assist you in debugging integration errors.
Expand Up @@ -14,7 +14,7 @@ import InlineUIElement from 'src/components/InlineUIElement.astro';
import BootstrappingSSO from 'src/content/docs/lifecycle/authenticate-users/_bootstrapping-sso.mdx'
import Breadcrumb from 'src/components/Breadcrumb.astro';
import JSON from 'src/components/JSON.astro';
import {RemoteCode} from '@fusionauth/astro-components';
import { RemoteCode } from '@fusionauth/astro-components';
import ApplicationManagedSessionsStart from 'src/diagrams/docs/lifecycle/authenticate-users/application-managed-sessions-start.astro';
import ApplicationManagedSessionInvalid from 'src/diagrams/docs/lifecycle/authenticate-users/application-managed-session-invalid.astro';
import ApplicationManagedSessionsRequests from 'src/diagrams/docs/lifecycle/authenticate-users/application-managed-sessions-requests.astro';
Expand Down Expand Up @@ -428,7 +428,7 @@ The FusionAuth SSO session allows transparent authentication on one browser or d
* the refresh token representing the FusionAuth SSO session is revoked via an API call or the admin UI

<Aside type="note">
Previous to version 1.52, setting the SSO session to a low value and enabling other post authentication workflows such as an OAuth consent screen could cause a login workflow to be restarted. See this [GitHub issue for more details](https://github.com/FusionAuth/fusionauth-issues/issues/2736).
Previous to version 1.52, setting the SSO session to a low value and enabling other post authentication workflows such as an OAuth consent screen could cause a login workflow to be restarted. See the [release notes for version 1.53.0](/docs/release-notes/#version-1-53-0) for more details.
</Aside>

<SessionsExpiration />
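Review bot: The note says the behavior applied "Previous to version 1.52", but the new link targets `/docs/release-notes/#version-1-53-0` with the text "release notes for version 1.53.0". Confirm which release carries the fix and make the sentence and the anchor agree; as written, readers on 1.52.x cannot tell whether the login workflow restart affects them.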
Expand Up @@ -6,6 +6,7 @@ section: lifecycle
subcategory: authenticate users
tags: auth as a service
---
import Breadcrumb from 'src/components/Breadcrumb.astro';
import PremiumPlanBlurb from 'src/content/docs/_shared/_premium-plan-blurb.astro';
import DifferenceTwoFactorMultiFactor from 'src/content/docs/_shared/_difference-two-factor-multi-factor.mdx';
import EnterprisePlanBlurb from 'src/content/docs/_shared/_enterprise-plan-blurb.astro';
Expand All @@ -17,6 +18,7 @@ import MfaMigration from 'src/content/docs/lifecycle/authenticate-users/_mfa-mig
import MfaTroubleshooting from 'src/content/docs/lifecycle/authenticate-users/_mfa-troubleshooting.mdx';
import StepUpDiagram from 'src/diagrams/docs/lifecycle/authenticate-users/step-up-auth.astro';
import { YouTube } from '@astro-community/astro-embed-youtube';
import StaticPatchNote from 'src/content/docs/sdks/_static-patch-note.mdx';

<YouTube id="GM2JPTu-EE4" />

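Review bot: `import StaticPatchNote from 'src/content/docs/sdks/_static-patch-note.mdx';` is added here, but none of the hunks shown for this file render `<StaticPatchNote />`; the `PATCH` explanation further down is a plain link to `/docs/apis/#the-patch-http-method`. Drop the import if the component is not used, or render it in place of that link.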
Expand Down Expand Up @@ -152,7 +154,7 @@ curl -XPOST -H 'Content-type: application/json' -H "Authorization: $API_KEY" 'ht

This API call will send a unique code to the user using the method specified.

The lifetime and length of this code can be configured by navigating to <strong>Tenants -> Your Tenant -> Advanced</strong> and modifying the <InlineField>Two-Factor One Time Code</InlineField> settings.
The lifetime and length of this code can be configured by navigating to <Breadcrumb>Tenants -> Your Tenant -> Advanced</Breadcrumb> and modifying the <InlineField>Two-Factor One Time Code</InlineField> settings.

#### Collect the Code

Expand Down Expand Up @@ -403,7 +405,7 @@ You have four options:

### Using the Administrative User Interface

Navigate to <strong>Users -> The User</strong> and manage the user. Then go to the <strong>Multi-Factor</strong> tab. Remove any of the MFA methods by clicking the red trash can icon and confirming the deletion:
Navigate to <Breadcrumb>Users -> The User</Breadcrumb> and manage the user. Then go to the <Breadcrumb>Multi-Factor</Breadcrumb> tab. Remove any of the MFA methods by clicking the red trash can icon and confirming the deletion:

<img src="/img/docs/lifecycle/authenticate-users/delete-factor-admin-view.png" alt="Delete an MFA method from the admin screen." width="1200" role="bottom-cropped" />

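Review bot: `<Breadcrumb>Multi-Factor</Breadcrumb>` marks a single tab as a navigation path. Elsewhere in this change individual controls use `<InlineUIElement>` (for example `<InlineUIElement>Create credentials</InlineUIElement>`), so the tab name should use that component and `<Breadcrumb>` should be kept for the `Users -> The User` path.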
Expand All @@ -428,8 +430,7 @@ user_two_factor_removed=`echo $user| jq 'del(.[].twoFactor[])' -`
curl -XPUT -H 'Content-type: application/json' -H "Authorization: $API_KEY" 'https://sandbox.fusionauth.io/api/user/00000000-0000-0000-0000-000000000004' -d "$user_two_factor_removed"
```

The reason you need to retrieve the user and modify the data, then use `PUT` to update it, is because of how `PATCH` handles arrays.
[Read this tracking issue for more info.](https://github.com/FusionAuth/fusionauth-issues/issues/441)
The reason you need to retrieve the user and modify the data then use `PUT` to update it, is [because of how `PATCH` handles arrays](/docs/apis/#the-patch-http-method).

### Building Your Own Interface

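Review bot: In the merged sentence the comma before "then" was dropped while the one before "is" was kept ("modify the data then use `PUT` to update it, is [because of how ..."), which leaves the sentence unbalanced. Suggested wording: "You need to retrieve the user, modify the data, and then use `PUT` to update it because of how `PATCH` handles arrays", with the link kept on the last clause.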
Expand Up @@ -212,7 +212,9 @@ The workflow for this mode looks like:

The **First-party service authorization** mode is the inverse of the **Third-party service authorization** mode. When another application wishes to call your APIs on behalf of one of your users, you are in this mode. Here, your application is the "third-party service" discussed above. Your application asks the user if they want to grant the other application specific permissions. Basically, if you are building a platform and want developers to be able to call your APIs on behalf of their users, you'll need to support this OAuth mode.

With this mode, you can create custom scopes for each application. To learn how to use scopes, read the documentation [here](/docs/lifecycle/authenticate-users/oauth/scopes).
With this mode, your OAuth server might display a "permission grant screen" to the user asking if they want to grant the third-party application permissions to your APIs. This isn't strictly necessary and depends on your requirements, but if it is, you want custom scopes.

Custom scopes are now supported in FusionAuth; you can find more information within [OAuth Scopes](/docs/lifecycle/authenticate-users/oauth/scopes).

## Machine-to-machine Authorization

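Review bot: "Custom scopes are now supported in FusionAuth" is time-relative and names no version, unlike other notes in this change that state the release (for example "Since 1.44.0"); give the version that introduced custom scopes or drop "now". In the added sentence before it, "if it is, you want custom scopes" has no clear referent for "it"; "if you do show one, you want custom scopes" reads more clearly.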
Expand Up @@ -17,7 +17,7 @@ import SessionsExpiration from 'src/content/docs/lifecycle/authenticate-users/_s
import SSOLogin from 'src/diagrams/docs/lifecycle/authenticate-users/sso-login.astro';
import SSOLogout from 'src/diagrams/docs/lifecycle/authenticate-users/sso-logout.astro';
import { YouTube } from '@astro-community/astro-embed-youtube';
import {RemoteCode} from '@fusionauth/astro-components';
import { RemoteCode } from '@fusionauth/astro-components';

This guide will walk you through setting up single sign-on (SSO) between two web applications using FusionAuth as their common authentication and authorization server. You will use the hosted login pages for your login form.

Expand Down Expand Up @@ -382,5 +382,5 @@ Navigate to <Breadcrumb>Applications -> Your Application -> OAuth</Breadcrumb> a

* You can view the [example application's codebase](https://github.com/fusionauth/fusionauth-example-node-sso).
* The [Tenant API](/docs/apis/tenants) can be used to manage single sign-on related configuration.
* This guide uses the hosted login pages. If you are using the Login API and building your own pages, [check out the comments on this issue](https://github.com/FusionAuth/fusionauth-issues/issues/171) for guidance.
* This guide uses the hosted login pages.
* The [Logout and Sessions Guide](/docs/lifecycle/authenticate-users/logout-session-management) has more information about session management options beyond using the built in SSO session.
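Review bot: With the issue link removed, the bullet "This guide uses the hosted login pages." no longer points anywhere, yet it sits in a list whose other items all link to further material. Either remove the bullet or replace the old link with documentation for readers building their own pages on the Login API, which is the case the removed text addressed.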