### Build Project with Maven Source: https://github.com/fusionauth/fusionauth-java-client/blob/develop/README.md Compile and install the project locally using the Maven build tool. This command is typically run from the project's root directory. ```bash $ mvn install ``` -------------------------------- ### Retrieve Analytics Reports Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Retrieves various usage analytics reports. This example shows how to fetch daily active users, login counts, and global registration totals. ```java import io.fusionauth.domain.api.report.*; import java.time.ZoneOffset; import java.time.ZonedDateTime; import java.util.UUID; long end = System.currentTimeMillis(); long start = end - 30L * 24 * 60 * 60 * 1000; // 30 days ago UUID appId = UUID.fromString("68364852-7a38-4e15-8c48-394eceafa601"); // Daily active users ClientResponse dauReport = client.retrieveDailyActiveReport(appId, start, end); dauReport.successResponse.dailyActiveUsers.forEach(day -> System.out.println(day.interval + ": " + day.count + " users")); // Login report ClientResponse loginReport = client.retrieveLoginReport(appId, start, end); System.out.println("Total logins: " + loginReport.successResponse.total); // Global totals (all applications) ClientResponse totals = client.retrieveTotalReport(); System.out.println("Total users: " + totals.successResponse.globalRegistrations); ``` -------------------------------- ### Perform Integration Build with Savant Source: https://github.com/fusionauth/fusionauth-java-client/blob/develop/README.md Execute an integration build for the project using the Savant build tool after it has been set up. This command assumes Savant is installed and configured in the PATH. ```bash $ sb int ``` -------------------------------- ### Passwordless Login Flow with Java Client Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Implements a full magic-link or passwordless login flow in three steps: starting the process, sending the code, and completing the login. ```java import io.fusionauth.domain.api.passwordless.*; import java.util.UUID; UUID applicationId = UUID.fromString("68364852-7a38-4e15-8c48-394eceafa601"); // Step 1: Generate a code PasswordlessStartRequest startReq = new PasswordlessStartRequest(); startReq.applicationId = applicationId; startReq.loginId = "joe@example.com"; ClientResponse startResp = client.startPasswordlessLogin(startReq); String code = startResp.successResponse.code; // Step 2: Send the code via email PasswordlessSendRequest sendReq = new PasswordlessSendRequest(); sendReq.code = code; client.sendPasswordlessCode(sendReq); // Step 3: Complete login with the code the user received PasswordlessLoginRequest loginReq = new PasswordlessLoginRequest(); loginReq.code = code; loginReq.applicationId = applicationId; ClientResponse loginResp = client.passwordlessLogin(loginReq); if (loginResp.wasSuccessful()) { System.out.println("Token: " + loginResp.successResponse.token); } ``` -------------------------------- ### Initiate Password Reset (Java) Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Starts the password reset workflow by sending a reset email to the user. The `changePasswordId` can be used directly if email sending is not desired. ```java import io.fusionauth.domain.api.user.ForgotPasswordRequest; import io.fusionauth.domain.api.user.ForgotPasswordResponse; ForgotPasswordRequest request = new ForgotPasswordRequest(); request.loginId = "joe@example.com"; request.sendForgotPasswordEmail = true; request.applicationId = UUID.fromString("68364852-7a38-4e15-8c48-394eceafa601"); ClientResponse response = client.forgotPassword(request); if (response.wasSuccessful()) { // changePasswordId can be used directly if not sending email System.out.println("Change password Id: " + response.successResponse.changePasswordId); } ``` -------------------------------- ### Create Lambda (Serverless Function) Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Creates a JavaScript lambda function for FusionAuth. This example demonstrates creating a lambda for the JWTPopulate type, which can add custom claims to JWTs. ```java import io.fusionauth.domain.Lambda; import io.fusionauth.domain.LambdaType; import io.fusionauth.domain.api.LambdaRequest; import io.fusionauth.domain.api.LambdaResponse; LambdaRequest request = new LambdaRequest(); request.lambda = new Lambda(); request.lambda.name = "Enrich JWT with custom claims"; request.lambda.type = LambdaType.JWTPopulate; request.lambda.enabled = true; request.lambda.body = "function populate(jwt, user, registration) {\n" + " jwt.custom_claim = user.data.externalId;\n" + " jwt.roles = registration.roles;\n" + "}"; ClientResponse response = client.createLambda(null, request); if (response.wasSuccessful()) { System.out.println("Lambda Id: " + response.successResponse.lambda.id); } ``` -------------------------------- ### Set up Savant Build Tool Source: https://github.com/fusionauth/fusionauth-java-client/blob/develop/README.md Instructions for downloading, extracting, and setting up the Savant build tool for compiling the project. This involves downloading a tarball, creating a symlink, and updating the PATH environment variable. ```bash mkdir ~/savant cd ~/savant wget http://savant.inversoft.org/org/savantbuild/savant-core/2.0.0-RC.7/savant-2.0.0-RC.7.tar.gz tar xvfz savant-2.0.0-RC.7.tar.gz ln -s ./savant-2.0.0-RC.7 current export PATH=$PATH:~/savant/current/bin/ ``` -------------------------------- ### Register User for Application (Java) Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Performs a full registration, creating a user and their registration for an application in a single call. Ensure the necessary domain classes are imported. ```java import io.fusionauth.domain.api.user.RegistrationRequest; import io.fusionauth.domain.api.user.RegistrationResponse; import io.fusionauth.domain.UserRegistration; import io.fusionauth.domain.User; import java.util.Arrays; import java.util.UUID; UUID applicationId = UUID.fromString("68364852-7a38-4e15-8c48-394eceafa601"); // Full registration: create user + register in one call RegistrationRequest request = new RegistrationRequest(); request.user = new User(); request.user.email = "newuser@example.com"; request.user.password = "Str0ngP@ssword!"; request.user.firstName = "Jane"; request.user.lastName = "Doe"; request.registration = new UserRegistration(); request.registration.applicationId = applicationId; request.registration.roles = Arrays.asList("user", "editor"); ClientResponse response = client.register(null, request); if (response.wasSuccessful()) { System.out.println("Created user: " + response.successResponse.user.id); System.out.println("Registration: " + response.successResponse.registration.id); } ``` -------------------------------- ### Create Group and Add Members with Java Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Use this snippet to create a new group and then add members to it. Ensure the necessary domain objects are imported. ```java import io.fusionauth.domain.Group; import io.fusionauth.domain.GroupMember; import io.fusionauth.domain.api.GroupRequest; import io.fusionauth.domain.api.GroupResponse; import io.fusionauth.domain.api.MemberRequest; import io.fusionauth.domain.api.MemberResponse; import java.util.Arrays; import java.util.UUID; // Create group GroupRequest groupRequest = new GroupRequest(); groupRequest.group = new Group(); groupRequest.group.name = "Administrators"; ClientResponse groupResponse = client.createGroup(null, groupRequest); UUID groupId = groupResponse.successResponse.group.id; // Add members MemberRequest memberRequest = new MemberRequest(); GroupMember member = new GroupMember(); member.userId = UUID.fromString("d5a3a5b3-4a95-41b1-99c1-07e5a2b7c5f2"); memberRequest.members = new java.util.HashMap<>(); memberRequest.members.put(groupId, Arrays.asList(member)); ClientResponse memberResponse = client.createGroupMembers(memberRequest); System.out.println("Added members: " + memberResponse.wasSuccessful()); ``` -------------------------------- ### startPasswordlessLogin / sendPasswordlessCode / passwordlessLogin Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Implements a full magic-link / passwordless login flow. ```APIDOC ## `startPasswordlessLogin` / `sendPasswordlessCode` / `passwordlessLogin` — Passwordless Login ### Description Implements a full magic-link / passwordless login flow. ### Method POST ### Endpoints - **startPasswordlessLogin**: `/passwordless/start` - **sendPasswordlessCode**: `/passwordless/send` - **passwordlessLogin**: `/passwordless/login` ### Parameters #### `startPasswordlessLogin` Request Body - **applicationId** (UUID) - Required - The ID of the application. - **loginId** (string) - Required - The user's login ID (e.g., email address). #### `sendPasswordlessCode` Request Body - **code** (string) - Required - The passwordless code generated by `startPasswordlessLogin`. #### `passwordlessLogin` Request Body - **code** (string) - Required - The passwordless code received by the user. - **applicationId** (UUID) - Required - The ID of the application. ### Request Example (Flow) ```java // Step 1: Generate a code PasswordlessStartRequest startReq = new PasswordlessStartRequest(); startReq.applicationId = applicationId; startReq.loginId = "joe@example.com"; ClientResponse startResp = client.startPasswordlessLogin(startReq); String code = startResp.successResponse.code; // Step 2: Send the code via email PasswordlessSendRequest sendReq = new PasswordlessSendRequest(); sendReq.code = code; client.sendPasswordlessCode(sendReq); // Step 3: Complete login with the code the user received PasswordlessLoginRequest loginReq = new PasswordlessLoginRequest(); loginReq.code = code; loginReq.applicationId = applicationId; ClientResponse loginResp = client.passwordlessLogin(loginReq); ``` ### Response #### `startPasswordlessLogin` Success Response (200) - **code** (string) - The generated passwordless code. #### `sendPasswordlessCode` Success Response (204) No content is returned upon successful sending. #### `passwordlessLogin` Success Response (200) - **token** (string) - The access token obtained after successful login. ``` -------------------------------- ### Build the FusionAuth Java Client Source: https://github.com/fusionauth/fusionauth-java-client/blob/develop/README.md Instantiate the FusionAuthClient with an API key and the FusionAuth server URL. Ensure the API key and URL are correct for your FusionAuth instance. ```java String apiKey = "5a826da2-1e3a-49df-85ba-cd88575e4e9d"; FusionAuthClient client = new FusionAuthClient(apiKey, "http://localhost:9011"); ``` -------------------------------- ### Instantiate FusionAuthClient Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Create a FusionAuthClient instance by providing your API key and FusionAuth server URL. Overloads allow specifying custom timeouts and a tenant ID for multi-tenant scoping. Basic retry configuration for 409 conflicts can also be enabled. ```java import io.fusionauth.client.FusionAuthClient; // Basic client (2000 ms connect/read timeouts) FusionAuthClient client = new FusionAuthClient("your-api-key", "http://localhost:9011"); // With a specific tenant Id FusionAuthClient tenantClient = new FusionAuthClient("your-api-key", "http://localhost:9011", "3c219e58-ed0e-4b18-ad48-f4f92793ae32"); // With custom timeouts (ms) and tenant FusionAuthClient customClient = new FusionAuthClient("your-api-key", "http://localhost:9011", 5000, 10000, "3c219e58-ed0e-4b18-ad48-f4f92793ae32"); // Enable basic retry on retryable 409 conflicts customClient.retryConfiguration = FusionAuthClient.BASIC_RETRY_CONFIGURATION; ``` -------------------------------- ### createApplication Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Creates a new FusionAuth application, which defines security settings, OAuth configurations, and JWT policies for a client application. ```APIDOC ## `createApplication` — Create an Application Creates a new FusionAuth application with optional OAuth, JWT, and registration configuration. ```java import io.fusionauth.domain.Application; import io.fusionauth.domain.api.ApplicationRequest; import io.fusionauth.domain.api.ApplicationResponse; ApplicationRequest request = new ApplicationRequest(); request.application = new Application(); request.application.name = "My Web App"; request.application.oauthConfiguration = new io.fusionauth.domain.Application.ApplicationOAuthConfiguration(); request.application.oauthConfiguration.clientSecret = "super-secret"; request.application.oauthConfiguration.authorizedRedirectURLs = java.util.Arrays.asList("https://myapp.com/oauth-callback"); request.application.oauthConfiguration.enabledGrants = new java.util.HashSet<>(java.util.Arrays.asList( io.fusionauth.domain.oauth2.GrantType.authorization_code, io.fusionauth.domain.oauth2.GrantType.refresh_token )); ClientResponse response = client.createApplication(null, request); if (response.wasSuccessful()) { System.out.println("App Id: " + response.successResponse.application.id); System.out.println("Client Id: " + response.successResponse.application.oauthConfiguration.clientId); } ``` ``` -------------------------------- ### Bulk Import Users with Java Client Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Import users in bulk from another system for high-throughput migrations. Set `validateDbConstraints` to `false` for faster imports, or `true` for detailed error reporting. ```java import io.fusionauth.domain.User; import io.fusionauth.domain.api.user.ImportRequest; import java.util.ArrayList; import java.util.List; ImportRequest request = new ImportRequest(); request.validateDbConstraints = false; // true for detailed error reporting (slower) List users = new ArrayList<>(); for (int i = 0; i < 1000; i++) { User u = new User(); u.email = "user" + i + "@example.com"; u.encryptionScheme = "bcrypt"; u.factor = 12; u.password = "$2a$12$hashed_password_here"; users.add(u); } request.users = users; ClientResponse response = client.importUsers(request); System.out.println("Import success: " + response.wasSuccessful()); ``` -------------------------------- ### Create Google Identity Provider with Java Client Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Configure a Google identity provider for federated login. Set the client ID, client secret, and button text. ```java import io.fusionauth.domain.api.IdentityProviderRequest; import io.fusionauth.domain.api.IdentityProviderResponse; import io.fusionauth.domain.provider.GoogleIdentityProvider; IdentityProviderRequest request = new IdentityProviderRequest(); GoogleIdentityProvider google = new GoogleIdentityProvider(); google.clientId = "google-client-id.apps.googleusercontent.com"; google.clientSecret = "google-client-secret"; google.buttonText = "Sign in with Google"; google.enabled = true; request.identityProvider = google; ClientResponse response = client.createIdentityProvider(null, request); if (response.wasSuccessful()) { System.out.println("IdP Id: " + response.successResponse.identityProvider.getId()); } ``` -------------------------------- ### Create FusionAuth Tenant Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Creates a new tenant for multi-tenant FusionAuth deployments. Requires a tenant name and an issuer URL. ```java import io.fusionauth.domain.Tenant; import io.fusionauth.domain.api.TenantRequest; import io.fusionauth.domain.api.TenantResponse; TenantRequest request = new TenantRequest(); request.tenant = new Tenant(); request.tenant.name = "Acme Corp"; request.tenant.issuer = "https://acme.example.com"; ClientResponse response = client.createTenant(null, request); if (response.wasSuccessful()) { System.out.println("Tenant Id: " + response.successResponse.tenant.id); } ``` -------------------------------- ### Retrieve OIDC Discovery and JWKS - Java Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Use these methods to fetch the OIDC discovery document and the JSON Web Key Set for JWT verification. Ensure the FusionAuth client is properly initialized. ```java import io.fusionauth.domain.OpenIdConfiguration; import io.fusionauth.domain.oauth2.JWKSResponse; // OIDC discovery document ClientResponse oidcConfig = client.retrieveOpenIdConfiguration(); System.out.println("Issuer: " + oidcConfig.successResponse.issuer); System.out.println("Authorization endpoint: " + oidcConfig.successResponse.authorization_endpoint); System.out.println("Token endpoint: " + oidcConfig.successResponse.token_endpoint); // JSON Web Key Set for JWT verification ClientResponse jwks = client.retrieveJsonWebKeySet(); System.out.println("Keys available: " + jwks.successResponse.keys.size()); ``` -------------------------------- ### PKCE Code Exchange for Access Token with Java Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Recommended for public clients, this exchanges an authorization code and PKCE code verifier for an access token. Client secret should be null. ```java ClientResponse response = client.exchangeOAuthCodeForAccessTokenUsingPKCE( "the-authorization-code", "68364852-7a38-4e15-8c48-394eceafa601", null, // client_secret (null for public client) "https://myapp.com/oauth-callback", "the-code-verifier-generated-before-authorization" ); if (response.wasSuccessful()) { System.out.println("Access token: " + response.successResponse.access_token); } ``` -------------------------------- ### createAPIKey Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Creates a new API key with configurable endpoint-level permissions, optionally scoped to a tenant. ```APIDOC ## `createAPIKey` — Create an API Key Creates a new API key with configurable endpoint-level permissions, optionally scoped to a tenant. ```java import io.fusionauth.domain.APIKey; import io.fusionauth.domain.api.APIKeyRequest; import io.fusionauth.domain.api.APIKeyResponse; import java.util.Arrays; APIKeyRequest request = new APIKeyRequest(); request.apiKey = new APIKey(); request.apiKey.description = "Read-only reporting key"; request.apiKey.permissions = new APIKey.APIKeyPermissions(); request.apiKey.permissions.endpoints = new java.util.HashMap<>(); // Allow only GET on user search request.apiKey.permissions.endpoints.put("/api/user/search", Arrays.asList("GET")); request.apiKey.permissions.endpoints.put("/api/report/totals", Arrays.asList("GET")); ClientResponse response = client.createAPIKey(null, request); if (response.wasSuccessful()) { System.out.println("New API key: " + response.successResponse.apiKey.key); } ``` ``` -------------------------------- ### Manage Webhooks with Java Client Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Create, retrieve, and delete webhooks using the FusionAuth Java client. Ensure the webhook URL and event types are correctly configured. ```java import io.fusionauth.domain.Webhook; import io.fusionauth.domain.api.WebhookRequest; import io.fusionauth.domain.api.WebhookResponse; import java.util.Arrays; // Create WebhookRequest req = new WebhookRequest(); req.webhook = new Webhook(); req.webhook.url = "https://myapp.com/fusionauth/events"; req.webhook.eventsEnabled = new java.util.HashMap<>(); req.webhook.eventsEnabled.put(io.fusionauth.domain.EventType.UserCreate, true); req.webhook.eventsEnabled.put(io.fusionauth.domain.EventType.UserDelete, true); req.webhook.connectTimeout = 3000; req.webhook.readTimeout = 3000; ClientResponse created = client.createWebhook(null, req); System.out.println("Webhook Id: " + created.successResponse.webhook.id); // Retrieve ClientResponse retrieved = client.retrieveWebhook(created.successResponse.webhook.id); // Delete ClientResponse deleted = client.deleteWebhook(created.successResponse.webhook.id); ``` -------------------------------- ### createTenant Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Creates a new tenant within a FusionAuth deployment, used for isolating data and configurations in multi-tenant environments. ```APIDOC ## `createTenant` — Create a Tenant Creates a new tenant for multi-tenant FusionAuth deployments. ```java import io.fusionauth.domain.Tenant; import io.fusionauth.domain.api.TenantRequest; import io.fusionauth.domain.api.TenantResponse; TenantRequest request = new TenantRequest(); request.tenant = new Tenant(); request.tenant.name = "Acme Corp"; request.tenant.issuer = "https://acme.example.com"; ClientResponse response = client.createTenant(null, request); if (response.wasSuccessful()) { System.out.println("Tenant Id: " + response.successResponse.tenant.id); } ``` ``` -------------------------------- ### Register User Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Registers an existing user for an application or performs a full registration (creates user and registration in one call). ```APIDOC ## register — Register a User for an Application Registers an existing user for an application, or performs a full registration (creates user + registration in one call). ```java import io.fusionauth.domain.api.user.RegistrationRequest; import io.fusionauth.domain.api.user.RegistrationResponse; import io.fusionauth.domain.UserRegistration; import io.fusionauth.domain.User; import java.util.Arrays; import java.util.UUID; UUID applicationId = UUID.fromString("68364852-7a38-4e15-8c48-394eceafa601"); // Full registration: create user + register in one call RegistrationRequest request = new RegistrationRequest(); request.user = new User(); request.user.email = "newuser@example.com"; request.user.password = "Str0ngP@ssword!"; request.user.firstName = "Jane"; request.user.lastName = "Doe"; request.registration = new UserRegistration(); request.registration.applicationId = applicationId; request.registration.roles = Arrays.asList("user", "editor"); ClientResponse response = client.register(null, request); if (response.wasSuccessful()) { System.out.println("Created user: " + response.successResponse.user.id); System.out.println("Registration: " + response.successResponse.registration.id); } ``` ``` -------------------------------- ### createGroup / createGroupMembers Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Creates a group and adds members to it. This operation involves two distinct steps: first creating the group, then adding members to the newly created group. ```APIDOC ## `createGroup` / `createGroupMembers` — Groups Creates a group and adds members to it. ### Description This operation first creates a new group with a specified name and then allows for the addition of members to that group using their user IDs. ### Method POST (for `createGroup`) POST (for `createGroupMembers`) ### Endpoint `/api/group` (for `createGroup`) `/api/group/member` (for `createGroupMembers`) ### Request Body (for `createGroup`) - **group** (Group) - Required - The group object to create. - **name** (string) - Required - The name of the group. ### Response (for `createGroup`) #### Success Response (200) - **group** (Group) - The created group object, including its ID. ### Request Body (for `createGroupMembers`) - **members** (Map>) - Required - A map where keys are group IDs and values are lists of GroupMember objects to add. - **userId** (UUID) - Required - The ID of the user to add as a member. ### Response (for `createGroupMembers`) #### Success Response (200) - **success** (boolean) - Indicates if the members were successfully added. ``` -------------------------------- ### Complete Social/Federated Login with Java Client Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Log in a user using a token or code obtained from a third-party identity provider. Requires application and identity provider IDs. ```java import io.fusionauth.domain.api.identityProvider.IdentityProviderLoginRequest; import io.fusionauth.domain.api.LoginResponse; import java.util.UUID; IdentityProviderLoginRequest request = new IdentityProviderLoginRequest(); request.applicationId = UUID.fromString("68364852-7a38-4e15-8c48-394eceafa601"); request.identityProviderId = UUID.fromString("google-idp-uuid-here"); request.data = new java.util.HashMap<>(); request.data.put("token", "google-id-token-from-frontend"); request.noJWT = false; ClientResponse response = client.identityProviderLogin(request); if (response.wasSuccessful()) { System.out.println("FusionAuth token: " + response.successResponse.token); System.out.println("User Id: " + response.successResponse.user.id); } ``` -------------------------------- ### FusionAuthClient Constructor Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Instantiates a FusionAuthClient bound to a FusionAuth server. Overloads allow specifying connect/read timeouts and a tenant Id. Basic retry on retryable 409 conflicts can also be enabled. ```APIDOC ## FusionAuthClient Constructor ### Description Instantiates a client bound to a FusionAuth server. Overloads allow specifying connect/read timeouts and a tenant Id. ### Constructor Overloads ```java // Basic client (2000 ms connect/read timeouts) FusionAuthClient client = new FusionAuthClient("your-api-key", "http://localhost:9011"); // With a specific tenant Id FusionAuthClient tenantClient = new FusionAuthClient("your-api-key", "http://localhost:9011", "3c219e58-ed0e-4b18-ad48-f4f92793ae32"); // With custom timeouts (ms) and tenant FusionAuthClient customClient = new FusionAuthClient("your-api-key", "http://localhost:9011", 5000, 10000, "3c219e58-ed0e-4b18-ad48-f4f92793ae32"); // Enable basic retry on retryable 409 conflicts customClient.retryConfiguration = FusionAuthClient.BASIC_RETRY_CONFIGURATION; ``` ``` -------------------------------- ### Create API Key with Permissions Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Creates a new API key with specific endpoint permissions. The permissions can be scoped to allow only certain HTTP methods on specific API endpoints. ```java import io.fusionauth.domain.APIKey; import io.fusionauth.domain.api.APIKeyRequest; import io.fusionauth.domain.api.APIKeyResponse; import java.util.Arrays; APIKeyRequest request = new APIKeyRequest(); request.apiKey = new APIKey(); request.apiKey.description = "Read-only reporting key"; request.apiKey.permissions = new APIKey.APIKeyPermissions(); request.apiKey.permissions.endpoints = new java.util.HashMap<>(); // Allow only GET on user search request.apiKey.permissions.endpoints.put("/api/user/search", Arrays.asList("GET")); request.apiKey.permissions.endpoints.put("/api/report/totals", Arrays.asList("GET")); ClientResponse response = client.createAPIKey(null, request); if (response.wasSuccessful()) { System.out.println("New API key: " + response.successResponse.apiKey.key); } ``` -------------------------------- ### Create User Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Creates a new user without registering them for any application. ```APIDOC ## createUser — Create a User Creates a new user without registering them for any application. ```java import io.fusionauth.domain.api.UserRequest; import io.fusionauth.domain.api.UserResponse; import io.fusionauth.domain.User; UserRequest request = new UserRequest(); request.user = new User(); request.user.email = "admin@example.com"; request.user.password = "InitialPass1!"; request.user.firstName = "Admin"; request.user.lastName = "User"; request.user.mobilePhone = "+1 555-555-5555"; ClientResponse response = client.createUser(null, request); // null = auto-generate UUID if (response.wasSuccessful()) { System.out.println("New user Id: " + response.successResponse.user.id); } ``` ``` -------------------------------- ### Bulk Import Users Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Import multiple users into FusionAuth efficiently with minimal validation. ```APIDOC ## Bulk Import Users Bulk-imports users from another system with minimal validation for high-throughput migrations. ### Import Users **Description**: Imports a list of users into FusionAuth in bulk. **Method**: POST (Implied by `importUsers` client method) **Endpoint**: Not explicitly defined, but typically a user import endpoint. **Request Body**: Requires an `ImportRequest` object containing a list of `User` objects and import options. **Example**: ```java import io.fusionauth.domain.User; import io.fusionauth.domain.api.user.ImportRequest; import java.util.ArrayList; import java.util.List; ImportRequest request = new ImportRequest(); request.validateDbConstraints = false; // true for detailed error reporting (slower) List users = new ArrayList<>(); for (int i = 0; i < 1000; i++) { User u = new User(); u.email = "user" + i + "@example.com"; u.encryptionScheme = "bcrypt"; u.factor = 12; u.password = "$2a$12$hashed_password_here"; users.add(u); } request.users = users; ClientResponse response = client.importUsers(request); System.out.println("Import success: " + response.wasSuccessful()); ``` ``` -------------------------------- ### Create FusionAuth Application Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Creates a new FusionAuth application with optional OAuth, JWT, and registration configurations. Key configurations include the application name, OAuth client secret, authorized redirect URLs, and enabled grant types. ```java import io.fusionauth.domain.Application; import io.fusionauth.domain.api.ApplicationRequest; import io.fusionauth.domain.api.ApplicationResponse; ApplicationRequest request = new ApplicationRequest(); request.application = new Application(); request.application.name = "My Web App"; request.application.oauthConfiguration = new io.fusionauth.domain.Application.ApplicationOAuthConfiguration(); request.application.oauthConfiguration.clientSecret = "super-secret"; request.application.oauthConfiguration.authorizedRedirectURLs = java.util.Arrays.asList("https://myapp.com/oauth-callback"); request.application.oauthConfiguration.enabledGrants = new java.util.HashSet<>(java.util.Arrays.asList( io.fusionauth.domain.oauth2.GrantType.authorization_code, io.fusionauth.domain.oauth2.GrantType.refresh_token )); ClientResponse response = client.createApplication(null, request); if (response.wasSuccessful()) { System.out.println("App Id: " + response.successResponse.application.id); System.out.println("Client Id: " + response.successResponse.application.oauthConfiguration.clientId); } ``` -------------------------------- ### Create User (Java) Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Creates a new user account without registering them for any specific application. The user UUID can be auto-generated by passing null. ```java import io.fusionauth.domain.api.UserRequest; import io.fusionauth.domain.api.UserResponse; import io.fusionauth.domain.User; UserRequest request = new UserRequest(); request.user = new User(); request.user.email = "admin@example.com"; request.user.password = "InitialPass1!"; request.user.firstName = "Admin"; request.user.lastName = "User"; request.user.mobilePhone = "+1 555-555-5555"; ClientResponse response = client.createUser(null, request); // null = auto-generate UUID if (response.wasSuccessful()) { System.out.println("New user Id: " + response.successResponse.user.id); } ``` -------------------------------- ### Webhooks Management Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Create, retrieve, and delete webhooks to receive system event notifications from FusionAuth. ```APIDOC ## Webhooks Management Creates and manages webhooks that FusionAuth calls for system events. ### Create Webhook **Description**: Creates a new webhook to receive system event notifications. **Method**: POST (Implied by `createWebhook` client method) **Endpoint**: Not explicitly defined, but typically a webhook endpoint. **Request Body**: Requires a `WebhookRequest` object containing webhook configuration. **Example**: ```java import io.fusionauth.domain.Webhook; import io.fusionauth.domain.api.WebhookRequest; WebhookRequest req = new WebhookRequest(); req.webhook = new Webhook(); req.webhook.url = "https://myapp.com/fusionauth/events"; req.webhook.eventsEnabled = new java.util.HashMap<>(); req.webhook.eventsEnabled.put(io.fusionauth.domain.EventType.UserCreate, true); req.webhook.eventsEnabled.put(io.fusionauth.domain.EventType.UserDelete, true); req.webhook.connectTimeout = 3000; req.webhook.readTimeout = 3000; ClientResponse created = client.createWebhook(null, req); System.out.println("Webhook Id: " + created.successResponse.webhook.id); ``` ### Retrieve Webhook **Description**: Retrieves a webhook by its ID. **Method**: GET (Implied by `retrieveWebhook` client method) **Endpoint**: Not explicitly defined, but typically a webhook endpoint. **Parameters**: - **webhookId** (string) - Required - The ID of the webhook to retrieve. **Example**: ```java ClientResponse retrieved = client.retrieveWebhook(created.successResponse.webhook.id); ``` ### Delete Webhook **Description**: Deletes a webhook by its ID. **Method**: DELETE (Implied by `deleteWebhook` client method) **Endpoint**: Not explicitly defined, but typically a webhook endpoint. **Parameters**: - **webhookId** (string) - Required - The ID of the webhook to delete. **Example**: ```java ClientResponse deleted = client.deleteWebhook(created.successResponse.webhook.id); ``` ``` -------------------------------- ### Exchange Refresh Token for Access Token with Java Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Use this to obtain a new access token by providing an existing refresh token. Scope can be null to use the original scope. ```java ClientResponse response = client.exchangeRefreshTokenForAccessToken( "the-existing-refresh-token", "68364852-7a38-4e15-8c48-394eceafa601", // client_id "app-client-secret", // client_secret null, // scope (null = same as original) null // user_code (for device flow) ); if (response.wasSuccessful()) { System.out.println("New access token: " + response.successResponse.access_token); } ``` -------------------------------- ### Scope Client to a Tenant using setTenantId Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Create a new client instance that is scoped to a specific tenant UUID by calling `setTenantId`. All subsequent API calls made with this new client instance will include the `X-FusionAuth-TenantId` header. ```java import java.util.UUID; UUID tenantId = UUID.fromString("3c219e58-ed0e-4b18-ad48-f4f92793ae32"); FusionAuthClient tenantScopedClient = client.setTenantId(tenantId); // All subsequent calls on tenantScopedClient send X-FusionAuth-TenantId header ``` -------------------------------- ### Login a User with FusionAuth Java Client Source: https://github.com/fusionauth/fusionauth-java-client/blob/develop/README.md Perform a user login using the FusionAuthClient. This requires the application ID, username, and password. Check the result for success or errors. ```java UUID applicationId = UUID.fromString("68364852-7a38-4e15-8c48-394eceafa601"); LoginRequest request = new LoginRequest(applicationId, "joe@fusionauth.io", null, "abc123"); ClientResponse result = client.login(request); if (!result.wasSuccessful()) { // Error } // Hooray! Success ``` -------------------------------- ### Authenticate User with Login API Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Authenticate a user by providing their application ID, email, and password. Optionally, set the IP address. The response contains JWT tokens and user information upon successful authentication. Handle potential errors or exceptions. ```java import io.fusionauth.domain.api.LoginRequest; import io.fusionauth.domain.api.LoginResponse; import com.inversoft.error.Errors; import com.inversoft.rest.ClientResponse; import java.util.UUID; UUID applicationId = UUID.fromString("68364852-7a38-4e15-8c48-394eceafa601"); LoginRequest request = new LoginRequest(applicationId, "joe@example.com", null, "supersecret"); request.ipAddress = "203.0.113.42"; // optional ClientResponse response = client.login(request); if (response.wasSuccessful()) { LoginResponse loginResponse = response.successResponse; System.out.println("Access token: " + loginResponse.token); System.out.println("Refresh token: " + loginResponse.refreshToken); System.out.println("User Id: " + loginResponse.user.id); } else if (response.errorResponse != null) { System.out.println("Login failed: " + response.errorResponse); } else if (response.exception != null) { response.exception.printStackTrace(); } ``` -------------------------------- ### Search Users by Query (Java) Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Searches for users based on an Elasticsearch-compatible query. Supports pagination and sorting. Ensure to import necessary search-related domain classes. ```java import io.fusionauth.domain.api.user.SearchRequest; import io.fusionauth.domain.api.user.SearchResponse; import io.fusionauth.domain.search.UserSearchCriteria; import io.fusionauth.domain.search.SortField; import java.util.Arrays; SearchRequest request = new SearchRequest(); request.search = new UserSearchCriteria(); request.search.queryString = "email:*@example.com"; request.search.numberOfResults = 25; request.search.startRow = 0; request.search.sortFields = Arrays.asList( new SortField().with(sf -> { sf.name = "email"; sf.order = io.fusionauth.domain.SortOrder.asc; }) ); ClientResponse response = client.searchUsersByQuery(request); if (response.wasSuccessful()) { System.out.println("Total: " + response.successResponse.total); response.successResponse.users.forEach(u -> System.out.println(u.email)); } ``` -------------------------------- ### Retrieve OIDC Discovery and JWKS Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt This snippet demonstrates how to use the FusionAuth Java Client to fetch the OpenID Connect discovery document and the JSON Web Key Set (JWKS). The OIDC discovery document provides endpoints for OAuth2/OIDC flows, while the JWKS endpoint is used for verifying JWT signatures. ```APIDOC ## `retrieveOpenIdConfiguration` / `retrieveJsonWebKeySet` — OIDC Discovery Returns the OpenID Connect discovery document and JWKS endpoint for standard OIDC client configuration. ```java import io.fusionauth.domain.OpenIdConfiguration; import io.fusionauth.domain.oauth2.JWKSResponse; // OIDC discovery document ClientResponse oidcConfig = client.retrieveOpenIdConfiguration(); System.out.println("Issuer: " + oidcConfig.successResponse.issuer); System.out.println("Authorization endpoint: " + oidcConfig.successResponse.authorization_endpoint); System.out.println("Token endpoint: " + oidcConfig.successResponse.token_endpoint); // JSON Web Key Set for JWT verification ClientResponse jwks = client.retrieveJsonWebKeySet(); System.out.println("Keys available: " + jwks.successResponse.keys.size()); ``` ``` -------------------------------- ### Retrieve User (Java) Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Fetches user information using their unique identifier (UUID), email address, or login ID. The login ID can be an email or a username. ```java import io.fusionauth.domain.api.UserResponse; import java.util.UUID; // By UUID ClientResponse byId = client.retrieveUser( UUID.fromString("d5a3a5b3-4a95-41b1-99c1-07e5a2b7c5f2")); // By email ClientResponse byEmail = client.retrieveUserByEmail("joe@example.com"); // By loginId (email or username) ClientResponse byLogin = client.retrieveUserByLoginId("joe@example.com"); if (byLogin.wasSuccessful()) { System.out.println("Username: " + byLogin.successResponse.user.username); System.out.println("Email verified: " + byLogin.successResponse.user.verified); } ``` -------------------------------- ### deviceAuthorize / approveDevice Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Implements the OAuth 2.0 Device Authorization Grant (RFC 8628) for input-constrained devices. ```APIDOC ## `deviceAuthorize` / `approveDevice` — Device Authorization Grant ### Description Implements the OAuth 2.0 Device Authorization Grant (RFC 8628) for input-constrained devices. ### Method POST ### Endpoints - **deviceAuthorize**: `/oauth2/device-authorization` - **approveDevice**: `/oauth2/device-approval` ### Parameters #### `deviceAuthorize` Request Body - **clientId** (string) - Required - The client ID of the application. - **scope** (string) - Optional - The scopes requested for the access token. #### `approveDevice` Request Body - **clientId** (string) - Required - The client ID of the application. - **userAccessToken** (string) - Required - The access token of the user approving the device. - **userCode** (string) - Required - The user code displayed to the user for verification. ### Request Example (Flow) ```java String clientId = "68364852-7a38-4e15-8c48-394eceafa601"; // Step 1: Device requests a code ClientResponse deviceResp = client.deviceAuthorize(clientId, null, "openid offline_access"); // Step 2: User visits URI and enters code; backend approves: ClientResponse approvalResp = client.approveDevice(clientId, null, "user-access-token", deviceResp.successResponse.user_code); // Step 3: Device polls for access token (using exchangeRefreshTokenForAccessToken for polling) ClientResponse tokenResp = client.exchangeRefreshTokenForAccessToken(null, clientId, null, null, deviceResp.successResponse.user_code); ``` ### Response #### `deviceAuthorize` Success Response (200) - **user_code** (string) - The user-facing code for verification. - **verification_uri** (string) - The URI the user should visit to approve the device. #### `approveDevice` Success Response (200) - **approved** (boolean) - Indicates if the device approval was successful. ``` -------------------------------- ### Add FusionAuth Java Client Dependency via Maven Source: https://github.com/fusionauth/fusionauth-java-client/blob/develop/README.md Include the FusionAuth Java Client as a dependency in your Maven project by adding the provided XML snippet to your pom.xml file. ```xml io.fusionauth fusionauth-java-client 1.46.0 ``` -------------------------------- ### Client Credentials Grant for M2M Access with Java Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Obtains an access token for machine-to-machine communication using the client credentials grant. Requires client ID, secret, and target entity scope. ```java ClientResponse response = client.clientCredentialsGrant( "entity-client-id", "entity-client-secret", "target-entity:3c219e58-ed0e-4b18-ad48-f4f92793ae32:read write" ); if (response.wasSuccessful()) { System.out.println("M2M access token: " + response.successResponse.access_token); } ``` -------------------------------- ### Device Authorization Grant with Java Client Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Implements the OAuth 2.0 Device Authorization Grant for input-constrained devices. Involves requesting a code, user approval, and polling for an access token. ```java import io.fusionauth.domain.oauth2.*; String clientId = "68364852-7a38-4e15-8c48-394eceafa601"; // Step 1: Device requests a code ClientResponse deviceResp = client.deviceAuthorize(clientId, null, "openid offline_access"); if (deviceResp.wasSuccessful()) { System.out.println("User code: " + deviceResp.successResponse.user_code); System.out.println("Verification URI: " + deviceResp.successResponse.verification_uri); // Step 2: User visits URI and enters code; backend approves: ClientResponse approvalResp = client.approveDevice(clientId, null, "user-access-token", deviceResp.successResponse.user_code); // Step 3: Device polls for access token ClientResponse tokenResp = client.exchangeRefreshTokenForAccessToken(null, clientId, null, null, deviceResp.successResponse.user_code); } ``` -------------------------------- ### login Source: https://context7.com/fusionauth/fusionauth-java-client/llms.txt Authenticates a user with their credentials against a FusionAuth application and returns a JWT access token and optional refresh token. Includes optional fields like IP address. ```APIDOC ## login ### Description Authenticates a user with their credentials against a FusionAuth application and returns a JWT access token and optional refresh token. ### Method `POST` ### Endpoint `/oauth2/token` (Implied by client library usage) ### Parameters #### Request Body - **applicationId** (UUID) - Required - The ID of the FusionAuth application. - **email** (String) - Required - The user's email address. - **password** (String) - Required - The user's password. - **ipAddress** (String) - Optional - The IP address of the client making the request. ### Request Example ```java import io.fusionauth.domain.api.LoginRequest; import java.util.UUID; UUID applicationId = UUID.fromString("68364852-7a38-4e15-8c48-394eceafa601"); LoginRequest request = new LoginRequest(applicationId, "joe@example.com", null, "supersecret"); request.ipAddress = "203.0.113.42"; // optional ``` ### Response #### Success Response (200) - **token** (String) - The JWT access token. - **refreshToken** (String) - The refresh token (if issued). - **user** (Object) - The authenticated user object, containing at least an `id` field. #### Response Example ```java // Assuming response is a ClientResponse if (response.wasSuccessful()) { LoginResponse loginResponse = response.successResponse; System.out.println("Access token: " + loginResponse.token); System.out.println("Refresh token: " + loginResponse.refreshToken); System.out.println("User Id: " + loginResponse.user.id); } ``` #### Error Handling - If login fails, `response.errorResponse` will contain details. - If the server cannot be reached, `response.exception` will be populated. ```