As already mentioned here I think it would be a nice feature if Discourse would support the SCIM protocol. SCIM is a standard proposed by the IETF through RFC7644 and RFC7643 which aims to provide solution for user/group management through a simple Rest API. Our use case would be to manage user identities and group memberships via a separate service that acts as a SCIM client, Keycloak in our case. Discourse would act as a SCIM service provider. In addition to any existing SSO and centralized account creation that would have the following advantages:
- assign users to groups;
- change user information immediately in several apps;
- delete the user when they are removed from the SSO;
- get the list of users or groups in a standard way;
- …
We received some funding from NGI via NLNet for SCIM implementations, you can read the proposal and about related work in our forum here. I would try to implement a first solution in a Discourse plugin for now, but it would be nice to integrate this into Discourse core at some point. Let me know about any thoughts and opinions!