/admin/users/sync_sso 403 Forbidden

Hi all

I need some assistance with a POST to the /admin/users/sync_sso endpoint. The request (Postman) is:

POST /admin/users/sync_sso HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache

sso=cmVtb3ZlX2dyb3Vwcz1zdWJzY3JpYmVy&sig=3151a5a1808b3d27897373c725f676bfa83f6eeda593d4d9882f951dfd3ebd42&api_key=<api_key>&api_username=system

Discourse responds with 403 Forbidden and:

{
    "failed": "FAILED",
    "message": "Validation failed: Username can't be blank, Primary email can't be blank"
} 

“sso” and “sig” are generated by the client code (in PHP) using the algorithm from “Sync SSO user data with the sync_sso route”.

I can’t figure out what’s wrong.

Thanks!

2 Likes

Are you updating a user, or creating a new user? If you are updating a user who already exists on your system, you can omit the username and email from the SSO params. If the user doesn’t already exist on your Discourse site, omitting the username and email from the SSO params will cause the error you are getting. This is because Discourse is trying to create a new user from the params.

1 Like
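The answer above applied to the request in the question, as an added example that is not part of the original thread: the question's sso value Base64-decodes to remove_groups=subscriber only, so Discourse has no username or email to create a user from. The secret, sample user values and helper names are constructed; the external_id requirement and the Base64 plus HMAC-SHA256 signing are assumed from the standard DiscourseConnect scheme.

```ruby
require "base64"
require "openssl"
require "uri"

# sso value copied from the request in the question.
PAGE_SSO = "cmVtb3ZlX2dyb3Vwcz1zdWJzY3JpYmVy"

# Fields needed when the user does not exist yet. email and username come
# from the error message on this page; external_id is an assumption.
CREATE_FIELDS = %w[external_id email username].freeze

# Decode a Base64 sso payload into a Hash of its query-string parameters.
def decode_sso(sso)
  URI.decode_www_form(Base64.decode64(sso)).to_h
end

# Names of the create-time fields that are absent or blank in the payload.
def missing_for_create(sso)
  params = decode_sso(sso)
  CREATE_FIELDS.select { |key| params[key].to_s.strip.empty? }
end

# Build the sso/sig pair: Base64 of the URL-encoded params, then the
# hex HMAC-SHA256 of that Base64 string keyed with the SSO secret.
def build_sso(params, secret)
  sso = Base64.strict_encode64(URI.encode_www_form(params))
  { "sso" => sso, "sig" => OpenSSL::HMAC.hexdigest("SHA256", secret, sso) }
end

if __FILE__ == $PROGRAM_NAME
  puts "question payload: #{decode_sso(PAGE_SSO)}"
  puts "missing for a new user: #{missing_for_create(PAGE_SSO).join(', ')}"

  # Constructed sample values, not taken from the thread.
  fixed = build_sso(
    { "external_id" => "42", "email" => "user@example.com",
      "username" => "example_user", "remove_groups" => "subscriber" },
    "constructed-sso-secret"
  )
  puts "complete payload missing: #{missing_for_create(fixed['sso']).inspect}"
  puts "sso=#{fixed['sso']}"
  puts "sig=#{fixed['sig']}"
end
```
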