Reactor

Overview

This API has been available since 1.26.0

This page contains the APIs for Reactor, FusionAuth’s license system. Reactor is used to activate features based upon your licensing tier. Here are the APIs:

Activate Reactor license

This API is used to activate a Reactor license.

Request

API Key Authentication
Activate a Reactor license
POST /api/reactor

Request Body

licenseIdStringrequired

The license Id to activate.

licenseString

The Base64 encoded license value. This value is necessary in an air gapped configuration where outbound network access is not available.

Response

This API does not return a JSON response body.

Response Codes
Code Description
200 The request was successful. The response will be empty.
400 The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.
401 You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
500 There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

Retrieve Reactor metrics

This API is used to retrieve the metrics of Reactor features.

Request

API Key Authentication
Retrieve Reactor metrics
GET /api/reactor/metrics

Response

Response Codes
Code Description
200 The request was successful. The response will contain a JSON body.
401 You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
500 There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

Response Body

metrics.breachedPasswordMetricsMap<UUID, List<Object>

The breached password metrics. The map key is the Tenant Id.

metrics.breachedPasswordMetrics[tenantId].actionRequiredInteger

The total number of user accounts where action is required.

metrics.breachedPasswordMetrics[tenantId].matchedCommonPasswordCountInteger

The total number of matched user accounts with a commonly compromised password.

metrics.breachedPasswordMetrics[tenantId].matchedExactCountInteger

The total number of matched user accounts with a compromised password exact match.

metrics.breachedPasswordMetrics[tenantId].matchedPasswordCountInteger

The total number of user accounts with matched passwords.

metrics.breachedPasswordMetrics[tenantId].matchedSubAddressCountInteger

The total number of sub-email user accounts that match a compromised password.

metrics.breachedPasswordMetrics[tenantId].passwordsCheckedCountInteger

The total number of user account passwords checked.

Example Response JSON

{
  "metrics": {
    "breachedPasswordMetrics": {
      "30663132-6464-6665-3032-326466613934": {
        "actionRequired": 6,
        "matchedCommonPasswordCount": 2,
        "matchedExactCount": 3,
        "matchedPasswordCount": 3,
        "matchedSubAddressCount": 1,
        "passwordsCheckedCount": 23
      }
    }
  }
}

Retrieve Reactor status

This API is used to retrieve the status of Reactor features.

Request

API Key Authentication
Retrieve Reactor status
GET /api/reactor

Response

Response Codes
Code Description
200 The request was successful. The response will contain a JSON body.
401 You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
500 There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

Response Body

status.advancedIdentityProvidersString

The status for Advanced Identity Providers.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.advancedLambdasStringAvailable since 1.35.0

The status for Advanced lambda features such Lambda HTTP Connect.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.advancedMultiFactorAuthenticationString

The status for Advanced Multi-Factor Authentication.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.advancedOAuthScopesStringAvailable since 1.50.0

The status for Advanced OAuth Scope features.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.advancedOAuthScopesCustomScopesStringAvailable since 1.50.0

The status for creating custom OAuth scopes.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.advancedOAuthScopesThirdPartyApplicationsStringAvailable since 1.50.0

The status for configuring Applications as third-party to enable OAuth scope consent prompts.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.advancedRegistrationString

The status for Advanced Registration Forms.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.applicationMultiFactorAuthenticationStringAvailable since 1.37.0

The status for Application scoped Multi-Factor authentication configuration.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.applicationThemesString

The status for Application Themes.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.breachedPasswordDetectionString

The status for Breached Password Detection. The possible following values:

  • ACTIVE - the feature is active
  • DISCONNECTED - the feature is currently disconnected
  • PENDING - the feature is pending while waiting to complete key exchange with Reactor
  • UNKNOWN - the status of the feature is unknown
status.connectorsString

The status for Connectors.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.entityManagementString

The status for Entity Management.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.expirationStringAvailable since 1.36.0

If the license is configured to be air-gapped, this value will be returned to indicate the license expiration. An air-gapped license is one that does not require egress network connectivity to the FusionAuth license server. If the license is not configured to be air-gapped, then this field will not be returned in the response.

The expiration string is formatted as an ISO-8601 string in the form YYYY-MM-DD.

status.licenseAttributesMap<String, String>Available since 1.37.0

A set of attributes describing the license, this is primarily used for internal use and may help describe the license. The values returned in this object are subject to change.

status.licensedBoolean

Whether or not the FusionAuth Reactor has been activated with a valid license. This is synonymous with a licensed instance of FusionAuth.

status.scimServerStringAvailable since 1.36.0

The status for the SCIM Server features.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.threatDetectionStringAvailable since 1.30.0

The status for the Threat Detection feature set.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.webAuthnStringAvailable since 1.41.0

The status for WebAuthn features.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.webAuthnPlatformAuthenticatorsStringAvailable since 1.41.0

The status for WebAuthn platform authenticators.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown
status.webAuthnRoamingAuthenticatorsStringAvailable since 1.41.0

The status for WebAuthn roaming, or cross-platform, authenticators.

The possible following values:

  • ACTIVE - the feature is active
  • DISABLED - the feature is not available based upon your license
  • DISCONNECTED - the feature is not currently available due to connectivity issues
  • PENDING - the feature is in progress of being activated
  • UNKNOWN - the status of the feature is unknown

Example Response JSON

{
  "status": {
    "advancedIdentityProviders": "ACTIVE",
    "advancedLambdas": "DISABLED",
    "advancedMultiFactorAuthentication": "ACTIVE",
    "advancedRegistration": "ACTIVE",
    "applicationMultiFactorAuthentication": "ACTIVE",
    "applicationThemes": "ACTIVE",
    "breachedPasswordDetection": "PENDING",
    "connectors": "ACTIVE",
    "entityManagement": "ACTIVE",
    "licenseAttributes": {
      "LicenseType": "Production",
      "LicensedPlan": "Enterprise"
    },
    "licensed": true,
    "scimServer": "ACTIVE",
    "threatDetection": "ACTIVE",
    "webAuthn": "ACTIVE",
    "webAuthnPlatformAuthenticators": "ACTIVE",
    "webAuthnRoamingAuthenticators": "ACTIVE"
  }
}

Regenerate Reactor license

This API is used to make requests from FusionAuth to the License server to regenerate a license. This is particularly useful if it is suspected that the license key has been compromised and a new one is needed.

Regenerating the license will cause any other instance using the license to revert to community edition features. All configuration will be maintained, but any paid edition functionality will be disabled. The instance of FusionAuth that makes this API request will be updated to use the new license key, but each additional instance requiring a license will need the updated license key.

Request

API Key Authentication
Regenerate a Reactor license
PUT /api/reactor

Response

This API does not return a JSON response body.

Response Codes
Code Description
200 The request was successful. The response will be empty.
400 The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.
401 You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
404 The object you are trying to update doesn't exist. The response will be empty.
500 There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

Deactivate Reactor license

This API is used to deactivate a Reactor license. If Breached Password Detection was being used it will no longer work, licensed features can no longer be enabled, and existing configurations may no longer work if they use licensed features.

Request

API Key Authentication
Deactivate Reactor license
DELETE /api/reactor

Response

This API does not return a JSON response body.

Response Codes
Code Description
200 The request was successful. The response will be empty.
400 The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.
401 You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
404 The object you requested doesn't exist. The response will be empty.
500 There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.