A community of a no-code tool: SSO vs login via email

Hi guys, I’m coming in to pick your brains on something

We are setting up SSO between our no-code platform and our to-be Discourse forum. All’s working great, so yay on that. We are now, however, thinking about whether we should also keep Discourse’s ‘basic’ login via email + password.

My thoughts:
If we keep the SSO only, just people who are already our users could become members of the community. There is a free version of our product so if someone wants to join the community and they don’t have an account with us, they could register for the free plan. I, however, think that this might be a put-off for some folks.

If we keep both options, it might end up in duplicate accounts if someone uses an A email address to create the community account and later on a B email address to register with us.

Do you lot have any opinions/experience/thoughts?

Am I overthinking this?

I would hope that the majority of users would use the same email address . For the few that do end up with duplicate accounts, they could always ask an administrator to ‘merge’ the accounts via the Discourse admin panel.

Screenshot 2022-02-07 at 10.16.161144×236 11.7 KB

If you are referring to DiscourseConnect with “SSO” then you don’t have an option since enabling DiscourseConnect will disable all other login methods.

Thanks for the replies, guys!

Please excuse my lack of technical knowledge @RGJ but I believe it’s Custom OAuth2 that we configured between our product and our community

@david I mean I’d hope so as well but people are strange creatures haha. I am very much in love with the ‘merge’ feature, though.

I 100% agree with you that people are strange.

You have to make it easy for each person. Once they struggle to register or login, they tend to leave it.

You have to cater for everyone tho. SSO login, email login, social media login, etc

In that case it can indeed be combined with other login methods so you can completely ignore my previous comment.

Haha, good to know, thanks!

That’s what I’m thinking as well. There are, however, some voices that say that the OAuth2 login gives us valuable information about the users because we see what they do in our product, what their business is about etc. I’m basically collecting opinions at this point

I’ve used it several times on my forum.
Sorry for being a bit off-topic, but at a time, when I was merging to/from (?) an account with a lot of content, the process timed out (30 or 60+ seconds, I don’t remember) and resulted in a partially merged account, with missing messages. A bit broken. No big deal, but still… It happened to me a few times until I noticed that it wouldn’t timeout through the command line with the rake task.

It was two years ago, but since then I’m now so afraid to merge through the interface that I always do it through the rake task, unless the two accounts to merge both have very little content.

Do you have any info on that @david?

Many improvements have been made over the last two years. Taking a quick glance at the code, merging now happens in a background job, so it shouldn’t be possible for it to ‘time out’ like it used to.

If you’re still seeing issues, please make a support topic