Skip to content

Instantly share code, notes, and snippets.

@leosantosw

leosantosw/StrapiSSOFusionAuthAdmin.js

Last active November 19, 2025 06:08
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save leosantosw/224c6370123fae2616b38506ad4d5a86 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save leosantosw/224c6370123fae2616b38506ad4d5a86 to your computer and use it in GitHub Desktop.
Download ZIP
Strapi SSO using fusionAuth
Raw
StrapiSSOFusionAuthAdmin.js
// reference: https://docs.strapi.io/cms/configurations/sso-providers/keycloak
// config/admin.js
const axios = require('axios');
const OAuth2Strategy = require('passport-oauth2');
module.exports = ({ env }) => ({
auth: {
secret: env('ADMIN_JWT_SECRET'),
events: {
onConnectionSuccess(e) {
console.log('✅ success:', e.user);
},
onConnectionError(e) {
console.error('❌ ', e);
console.error('error:', e.error);
},
},
providers: [
{
uid: 'fusionauth',
displayName: 'FusionAuth',
createStrategy: (strapi) => {
const strategy = new OAuth2Strategy(
{
authorizationURL: 'http://localhost:9011/oauth2/authorize',
tokenURL: 'http://localhost:9011/oauth2/token',
clientID: '',
clientSecret: '',
callbackURL: strapi.admin.services.passport.getStrategyCallbackURL('fusionauth'),
scope: ['openid', 'profile', 'email'],
},
async (accessToken, refreshToken, profile, done) => {
try {
const { data } = await axios.get('http://localhost:9011/oauth2/userinfo', {
headers: {
Authorization: `Bearer ${accessToken}`,
},
});
console.info('userinfo:', data);
const email = data.email;
const username = data.preferred_username || email.split('@')[0];
const firstname = data.given_name || username;
const lastname = data.family_name || '';
done(null, {
email: email,
username: username,
firstname: firstname,
lastname: lastname,
});
} catch (error) {
console.error('Erro ao buscar userinfo:', error.response?.data || error.message);
done(error);
}
},
);
strategy.name = 'fusionauth';
return strategy;
},
},
],
},
apiToken: {
salt: env('API_TOKEN_SALT'),
},
transfer: {
token: {
salt: env('TRANSFER_TOKEN_SALT'),
},
},
secrets: {
encryptionKey: env('ENCRYPTION_KEY'),
},
flags: {
nps: env.bool('FLAG_NPS', true),
promoteEE: env.bool('FLAG_PROMOTE_EE', true),
},
});
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment