We have lambdas (basically JavaScript code that can make API calls[0] and be managed and tested[1]) that execute at fixed points in the auth lifecycle:
- before a login is allowed
- before a token is created
- after a user returns from a federated login (SAML, OIDC, etc)
- before a user registers
And more[2].
And we're currently working on one for "before an MFA challenge is issued"[3].
There are some limitations[4]. We don't allow, for instance, loading of arbitrary JavaScript libraries.
Not sure if that meets all your needs, but thought it was worth mentioning.
We have lambdas (basically JavaScript code that can make API calls[0] and be managed and tested[1]) that execute at fixed points in the auth lifecycle:
- before a login is allowed
- before a token is created
- after a user returns from a federated login (SAML, OIDC, etc)
- before a user registers
And more[2].
And we're currently working on one for "before an MFA challenge is issued"[3].
There are some limitations[4]. We don't allow, for instance, loading of arbitrary JavaScript libraries.
Not sure if that meets all your needs, but thought it was worth mentioning.
0: https://fusionauth.io/docs/extend/code/lambdas/lambda-remote...
1: https://fusionauth.io/docs/extend/code/lambdas/testing
2: full list here: https://fusionauth.io/docs/extend/code/lambdas/
3: https://github.com/FusionAuth/fusionauth-issues/issues/2309
4: https://fusionauth.io/docs/extend/code/lambdas/#limitations