Use Discourse as an identity provider (SSO, DiscourseConnect)

I’m assuming you are using the Discourse logout redirect site setting to redirect users back to your app after they logout from Discourse.

A possible cause of the issue would be if the login required setting is enabled on your Discourse site. When that setting is enabled, Discourse will automatically redirect unauthenticated users to the SSO provider site if they have gone directly to the Discourse site. That means that unless you are logging users out of your app in when they are first redirected to the logout redirect url, they will be automatically logged into Discourse the next time they visit the site. You can confirm this behavior by going through the process with your browser’s inspector open to its network tab.

In case it’s useful, here’s how the WP Discourse plugin handles the Discourse logout redirect: wp-discourse/lib/sso-provider/discourse-sso.php at main · discourse/wp-discourse · GitHub.

2 Likes