/admin/users/sync_sso 403 Forbidden

ulv8888 · March 12, 2019, 8:23am

Hi all

I need some assistance with POST to /admin/users/sync_sso endpoint. The request (Postman) is:

POST /admin/users/sync_sso HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache

sso=cmVtb3ZlX2dyb3Vwcz1zdWJzY3JpYmVy&sig=3151a5a1808b3d27897373c725f676bfa83f6eeda593d4d9882f951dfd3ebd42&api_key=<api_key>&api_username=system

Discourse responds with 403 Forbidden and:

{
    "failed": "FAILED",
    "message": "Validation failed: Username can't be blank, Primary email can't be blank"
}

“sso” and “sig” are generated by the client code (in php) using the algorithm from Sync SSO user data with the sync_sso route

I can’t figure out what’s wrong.

Thanks!

simon · March 12, 2019, 6:00pm

Are you updating a user, or creating a new user? If you are updating a user who already exists on your system, you can omit the username and email from the SSO params. If the user doesn’t already exist on your Discourse site, omitting the username and email from the SSO params will cause the error you are getting. This is because Discourse is trying to create a new user from the params.

Topic		Replies	Views
SSO_SYNC not working SSO	6	2455	May 10, 2018
SSO may have broken yesterday Bug sso , discourseconnect	4	1178	February 25, 2015
Validation failed: Primary email is not allowed Dev	0	1014	April 10, 2019
How to handle Discourse SSO when the authentication site allows users to change emails? SSO	4	1271	February 24, 2023
Users unable to login using Wordpress SSO WordPress	2	1492	December 5, 2018

/admin/users/sync_sso 403 Forbidden

Related topics