Create user with FusionAuth Admin Interface from Kickstartfile

@paterik4 I think you need to give the application_id instead of the client_id in the registration block

@paterik4 Hiya,

Can you try eliminating some things to troubleshoot?

• Try hardcoding the application id rather than using an environment variable. In fact, try replacing all the env references with hardcoded values
• Try removing the supportId; I'm not sure what that is.

Also, if you are ending up at the setup wizard, that means that the kickstart didn't complete. Can you look at the log file output and see what error messages kickstart provides. You can also verify that the JSON is valid using a tool like jsonlint.com.

Also, what version of FusionAuth are you attempting this on?

If you can share a GH repo showing this issue, I'd like to take a look.

@quent I thought about that, but how should I get the id of FusionAuth that was just created by kickstart?

@dan Hello!

If I try to add an application registration as shown in the example in FusionAuth's Github repo, it gives me this error:

2022-12-13 02:42:06.813 PM ERROR io.fusionauth.api.service.system.kickstart.KickstartRunner - Failed to execute request to [POST][/api/application/00000000-0000-0000-0000-000000000001] Status [400]

Request body:

{

  "application" : {

    "name" : "FusionAuth",

    "roles" : [ "user", "admin" ]

  }

}

2022-12-13 02:42:06.813 PM ERROR io.fusionauth.api.service.system.kickstart.KickstartRunner - Error response:

{

  "fieldErrors" : {

    "application.name" : [ {

      "code" : "[duplicate]application.name",

      "message" : "An Application with name [FusionAuth] already exists."

    } ]

  },

  "generalErrors" : [ ]

}

If the kickstart creates FusionAuth for himself, how could I get its id to register users to it with an admin role?

The supportId doesn't create any error.

My kickstart file is a valid JSON file.

I am trying to use image: fusionauth/fusionauth-app:1.38.0 image of FusionAuth.

@paterik4 I think you can specify it in the kickstart when you create it

@quent That would be great. Can you give me and example how can I achieve this?

@quent @dan Thank you for your help! I get it working.

My mistakes were the following:

1. I tried to specify the Fusionauth app id.
2. I tried to create the FusionAuth app which gave me an error that it already exists.
3. I used the default (provided) FusionAuth app id wrongly.
4. I tried to register the user twice.

Here is my solution without any other registration:

If you would like to give access to an already registered user u should provide access to that user with the same URL but with the following body:

      "body": {
        "skipRegistrationVerification": true,
        "registration": {
          "applicationId": "#{FUSIONAUTH_APPLICATION_ID}",
          "roles": ["admin"]
        }
      }

If you would like to give access to a new user, then u should do it under a different URL and you have to specify the user email and password inside the body like this:

      "body": {
        "user": {
          "email": "#{adminEmail}",
          "password": "#{password}"
        },
        "registration": {
          "applicationId": "#{FUSIONAUTH_APPLICATION_ID}",
          "roles": ["admin"]
        }
      }

@paterik4 Awesome, glad you got it working.

For anyone else, https://fusionauth.io/docs/v1/tech/apis/registrations documents the two different ways of creating a registration (for a new user and an existing user).

Hi, I am fairly new to FusionAuth and have the same issue as the original poster.

The Kickstart file I created does not allow the user to login to access the admin interface.

What I attempting to do is run locally in Docker containers, so that the same set up can be used by another developer from docker compose.

Please could I have some help with the Kickstart file?

It runs, does not appear to throw any errors in the fusionauth logs, but i cannot login.

Please find enclosed the kickstart file and the docker compose snippet.

Regards
Chris

Kickstart file

{
  "variables": {
    "adminEmail": "admin@fusionauth.io",
    "password": "apassword",
    "defaultTenantId": "68e4bbcf-f44b-a066-34c1-d53bdd4e4810",
    "applicationId": "80640732-cecc-4962-9928-6937bee1090a"
  },
  "apiKeys": [
    {
      "key": "nvbt6nwmxyHQVy2F7xYCgSgLww4ssUy9csmzVAEJatS4mkp7H2vGogJI",
      "description": "Standard development API key"
    }
  ],
  "requests": [
    {
      "method": "POST",
      "url": "/api/application/80640732-cecc-4962-9928-6937bee1090a",
      "body": {
        "application": {
          "name": "LocalApp",
          "roles": [
            {
              "name": "admin"
            },
            {
              "name": "user"
            },
            {
              "name": "user-admin"
            }
          ],
          "oauthConfiguration": {
            "clientSecret": "AsCh5TTgB_JmeSr57P15M31S0nblbbak5h15ZHU7kVc",
            "clientID": "80640732-cecc-4962-9928-6937bee1090a",
            "authorizedOriginURLs": [
              "http://localhost:3000",
              "http://localhost:3016"
            ],
            "authorizedRedirectURLs": [
              "http://localhost:3000/api/v1/auth/callback"
            ],
            "enabledGrants": [
              "authorization_code",
              "password",
              "refresh_token"
            ],
            "logoutURL": "http://localhost:3000/api/v1/auth/logout",
            "generateRefreshToken": true
          }
        }
      }
    },
    {
      "method": "POST",
      "url": "/api/user/registration/00000000-0000-0000-0000-000000000001",
      "body": {
        "skipRegistrationVerification": true,
        "user": {
          "email": "john@genericcompany.com",
          "firstName": "John",
          "lastName": "Smith",
          "password": "apassword",
          "imageUrl": ""
        },
        "registration": {
          "applicationId": "80640732-cecc-4962-9928-6937bee1090a",
          "roles": [
            "admin"
          ]
        }
      }
    },
    {
      "method": "POST",
      "url": "/api/user/registration/00000000-0000-0000-0000-000000000002",
      "body": {
        "skipRegistrationVerification": true,
        "user": {
          "email": "james@genericcompany.com",
          "firstName": "James",
          "lastName": "Smith",
          "password": "apassword",
          "imageUrl": ""
        },
        "registration": {
          "applicationId": "80640732-cecc-4962-9928-6937bee1090a",
          "roles": [
            "admin"
          ]
        }
      }
    },
    {
      "method": "POST",
      "url": "/api/user/registration/00000000-0000-0000-0000-000000000003",
      "body": {
        "user": {
          "email": "adam@genericcompany.com",
          "firstName": "Adam",
          "lastName": "Smith",
          "password": "apassword",
          "imageUrl": ""
        },
        "registration": {
          "applicationId": "80640732-cecc-4962-9928-6937bee1090a",
          "roles": [
            "admin",
            "user",
            "user-admin"
          ]
        }
      }
    },
    {
      "method": "POST",
      "url": "/api/user/registration/00000000-0000-0000-0000-000000000004",
      "body": {
        "user": {
          "email": "jane@genericcompany.com",
          "firstName": "Jane",
          "lastName": "Smith",
          "password": "apassword",
          "imageUrl": ""
        },
        "registration": {
          "applicationId": "80640732-cecc-4962-9928-6937bee1090a",
          "roles": [
            "user"
          ]
        }
      }
    },
    {
      "method": "POST",
      "url": "/api/user/registration/00000000-0000-0000-0000-000000000005",
      "body": {
        "user": {
          "email": "helga@genericcompany.com",
          "firstName": "Helga",
          "lastName": "Smith",
          "password": "apassword",
          "imageUrl": ""
        },
        "registration": {
          "applicationId": "80640732-cecc-4962-9928-6937bee1090a",
          "roles": [
            "user"
          ]
        }
      }
    },
    {
      "method": "POST",
      "url": "/api/user/registration/00000000-0000-0000-0000-000000000006",
      "body": {
        "user": {
          "email": "Susan@genericcompany.com",
          "firstName": "Susan",
          "lastName": "Smith",
          "password": "apassword",
          "imageUrl": ""
        },
        "registration": {
          "applicationId": "80640732-cecc-4962-9928-6937bee1090a",
          "roles": [
            "user"
          ]
        }
      }
    }
  ]
}

Docker compose snippet

fusionauth:
    image: fusionauth/fusionauth-app:1.43.0
    container_name: fusionauth
    depends_on:
      authdb:
        condition: service_healthy
    environment:
      DATABASE_URL: jdbc:postgresql://authdb:5432/${POSTGRES_DB}
      DATABASE_ROOT_USERNAME: ${POSTGRES_USER}
      DATABASE_ROOT_PASSWORD: ${POSTGRES_PASSWORD}
      DATABASE_USERNAME: ${DATABASE_USERNAME}
      DATABASE_PASSWORD: ${DATABASE_PASSWORD}
      FUSIONAUTH_APP_MEMORY: ${FUSIONAUTH_APP_MEMORY}
      FUSIONAUTH_APP_RUNTIME_MODE: development
      FUSIONAUTH_APP_URL: http://localhost:9011
      SEARCH_TYPE: database
      FUSIONAUTH_APP_KICKSTART_FILE: ${FUSIONAUTH_APP_KICKSTART_FILE}
    networks:
      - localnet
    restart: unless-stopped
    ports:
      - 9011:9011
    volumes:
      - ./conf/fusionauth/config:/usr/local/fusionauth/config
      - ./conf/fusionauth/kickstart:/usr/local/fusionauth/kickstart
      - ./volumes/fusionauth/logs:/usr/local/fusionauth/logs

  authdb:
    image: postgres:12.5-alpine
    container_name: authdb
    hostname: authdb
    ports:
      - "5433:5432"
    environment:
      PGDATA: /var/lib/postgresql/data/pgdata
      POSTGRES_DB: ${POSTGRES_DB}
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    healthcheck:
      test: [ "CMD-SHELL", "pg_isready -U postgres" ]
      interval: 5s
      timeout: 5s
      retries: 5
    networks:
      - localnet
    restart: unless-stopped
    volumes:
      - ./volumes/authdb:/var/lib/postgresql/data