2.7.0.beta4: DiscourseConnect, Topic Timer UI revamp, Login Modal UI revamp, and more

New features in 2.7.0.beta4

‘Discourse SSO’ is now DiscourseConnect

Discourse has long supported numerous authentication methods, from username/password, to social logins with common services like Google, Facebook, Twitter, and GitHub, to enterprise systems like SAML. Discourse has also maintained its own authentication protocol, known as ‘Discourse SSO’. We’ve found, however, that calling our protocol ‘SSO’ can cause confusion, so we’ve renamed our protocol to DiscourseConnect.

Note that there are no technical changes to the protocol, it is just a rename.

Topic Timer UI revamp

Topics timers allow site staff to schedule various actions on a topic, including auto-close/auto-open, auto-delete, auto-delete replies, publish to a new category, and more. Following the bookmark UI revamp in 2.5.0.beta3, the Topic Timer UI has been updated to match.

Bookmark and Topic Timer relative time input

If you’re like me, you’ve likely found yourself wanting to delete a topic in, say, 2 days, only to find yourself looking at your watch, checking the calendar, and more so you can select the correct date/time. No more! Bookmarks and Topic Timers now support relative time. Enter the number of minutes, hours, days, or months you want and Discourse handles the rest.


Login Modal UI Revamp

The signup/login modal is one of the first things users see when accessing a new Discourse site. We wanted to make it a bit more inviting, colorful, and all together nicer looking. So we gave it a bit of ZAZZ. There’s also a small easter egg hidden on the modal - can you find it?

Accessibility improvements

We’re always working to ensure that everyone on the internet can use Discourse, including those using assistive technology. To that end, this release includes additional accessibility improvements based on a recent audit we underwent.

  • Add rowheader to topic title TDs
  • Makes select-kit header a listbox
  • Adds support for aria-current through d-navigation-item
  • Makes aria-owns an ID and not a data attribute
  • Sets has-popup as menu for select-kit components
  • Makes quote controls accessible
  • Sets the html lang to user’s locale when possible
  • Correctly sets a name on combo-boxes for single selects
  • Adds support for aria-expanded and aria-controls to btn
  • Makes user notifications list more accessible

Even more!

But wait, there’s more! We do our best to highlight new features and changes for you, but there’s always too many changes to detail. For a full list of new features, bug fixes, UX improvements, and more, be sure to review the Additional Features and Fixes listed below.

Security Updates

This beta includes 2 security fixes for issues reported by our community and HackerOne.

  • Attach DiscourseConnect (SSO) nonce to current session
  • Rate limit MFA by login if possible

Plugin improvements

Many plugins

  • Bug fix
    • We’ve patched numerous bugs in many of our plugins
  • Translations
    • We’ve updated the translations in many of our plugins

Canned Replies

  • Security fix to ensure correct permissions
  • General style fixes and minor UX improvements

Ad Plugin

  • Use title to iframe elements


  • Add pagination support to admin page
  • Improve repurchase styling
  • Improve purchase page usability


  • Renamed Knowledge Explorer to Docs
  • Add support for inline oneboxing of Docs topics

Apple Auth

  • Remove custom button styling


  • New site setting: encrypt pms default
  • Use Title Case in all labels
  • Option to rotate user encyrption key
  • Correctly handle encrypted uploads

Login with Amazon

  • Update button styling and text

Data Explorer

  • Add a graph report to query results

Discourse Docker

  • Add MAXMIND key support to discourse-setup
  • Correct image prune time with description

Docker Manager

  • Handle repository branch rename from master to main

Additional Features and Fixes

Click to expand

New Features

  • Quick theme installs via query parameters
  • Use diffhtml to update composer preview
  • Support mark tag
  • When moving posts to existing topic auto-select single topic
  • Allow onebox images to be used as topic thumbnails
  • Add “Recently read topics” tab to user activity page
  • Allow post/topic thumbnails to be prioritized via markdown
  • Support keyboard back/forward navigation on DiscourseHub
  • Allow overriding the backup location when restoring via CLI
  • Handle user agent push subscription change events
  • Allow durations < 1 hour and < 1 day for topic timers where duration is specified (auto delete replies, close based on last post)
  • Check blocked_onebox_domains setting for inline oneboxes
  • Improve group settings and members management
  • Topic timer UI revamp
  • Add daily job to check for new features

Bug Fixes

  • NewPostManager should respect category_group_moderator settings
  • Limit post read time to the max integer value
  • Remove top gradient from signup modal
  • Delete topic timers far in the future
  • Remove unnecessary OR from dismiss service
  • Bump max topic timer duration to 20 years
  • Dismiss new when topic_user exists without last read
  • Allow plugins to correctly extend API key scopes.
  • Hide sso payload behind a button click and log views
  • Auto close topic from category settings based on topic created_at
  • Force refresh staff action logs when transitioning from site settings
  • Category redirect to correct slug should not loop
  • Fix subcategory, tag drops and none values
  • Update topic_count when updating visibility
  • Use autocomplete=discourse in select-kit to disable autocomplete in Chrome
  • False for service workers to stop log spam via workbox
  • Do not mark group_flair images as secure on upload
  • Clean up topic-timer-info CSS classes, add edit button, and improve UI
  • Adds google tracking to page publishing
  • Restoring backup via UI was broken
  • Do not show SSO last payload to moderators
  • Dismiss new with better migration
  • Should_alter_quality should respect png_to_jpg_quality
  • Regression in admin new features
  • Allow all tags in site/theme settings, ignore tag group restrictions
  • Validate duration minutes values for topic timer
  • Adjust width to avoid horizontal overflow
  • Don’t add a slug to constructed quote urls
  • When adding a quote when the composer is closed, add a newline
  • Handle empty email address from authentication provider
  • Login UI Fixes
  • Do not notify when the hidden tag is added or removed
  • Restoring could fail due to missing path
  • Restoring backup could fail due to missing uploads
  • Return 404 not found error if a topic is deleted.
  • Check if post.topic exists before publishing topic updates
  • Some error messages used wrong translation key
  • Correct server error for starting SSO login, and add spec
  • Topic progress bar should be on the left in RTL layouts
  • Topic timer duration_minutes was not backfilled correctly
  • The invite success email translation variable was renamed
  • Select earliest post when aggregating posts in a topic for search.
  • Don’t cancel filtering on second “n replies” tap
  • Improve SCSS handling in components
  • Process new invites when existing users are already group members
  • Save updated remote theme, only update enabled themes/components
  • Composer upload icon regression because of WEBP
  • Don’t create email invites when SSO is on or local logins are off
  • Don’t invite new users via group with SSO on or local logins off
  • In FastImage 2.2.2 an error is raised with a nil path
  • Include extra SCSS in child theme
  • Restore support for pasting multiple PM recipients
  • Avoid pulling hotlinked images of post that have been deleted.
  • Refresh category order after save
  • Ensures rects is present before using it
  • Show bookmark name in quick access hover
  • Make discobot certificate faster/non blocking
  • Skip shared drafts logic if disabled
  • Emoji search/autocomplete should respect selected skin tone
  • Existing shared drafts should be accessible
  • Return the CDN’s URL when using the site’s small logo as the system’s user avatar.
  • Stop trying to set values on destroyed bookmark component
  • IMAP allow unknown senders to reply to group topics via email
  • Invisible is not the opposite of visible

UX Changes

  • publishes page, on public change, only when page is published
  • Remove margin from security key login button
  • Change emailLogin to info class when empty
  • Adjustments to admin theme editor
  • Add editing guidance for remote themes
  • Fix excess line breaks in login modal alerts
  • Relative-time-picker should use pluralized strings
  • Fix local-dates styling
  • When auto-selecting topic make sure the focus is on selected topic
  • Second Factor + Alert Display
  • Show plugin descriptions on admin plugins page
  • Trim @ char from start of the username string in search.
  • Remove pluralization in single category notification types.
  • Specify social button styling
  • Prevent badges on usercards from overflowing
  • Improve tag and assign display in search
  • Adjust focus styles for autocomplete input
  • Hide external login column when account creation in progress
  • Adjust gradient, icon hover, capitalizations
  • Remove Convert option for system themes
  • Changes to new features section in admin dashboard
  • Remove 2px border from some select-kit buttons
  • Remove Helvetica from our font stack
  • Small fix for Chrome focus style on replies button
  • Show caret icon on user notification dropdown
  • Don’t display tag notification menu on category page.
  • Fix reply where modal layout
  • Clarify user rejection modal
  • Fix & clarify bulk notification change modal
  • Use bright color for primary button hover on dark schemes
  • Adjust focus styles for topic post menu, composer cancel
  • Popup menu buttons need focus style
  • Add a confirmation modal to “Remove All Tags” action
  • Remove unneeded margin from user stream
  • Fix button alignment on log-in required page
  • Ensure category breadcrumbs have consistent height
  • Uniformize styles for focus states
  • Always show confirmation dialog when converting themes/components
  • Remove border from certificate due to iframe
  • Allow some overflow in composer preview
  • Fix bulk select top positioning


  • Avoid lookbehinds when replacing links in imported emails