I want to disable the requirement for new users to verify through email, mostly because my server does not have sendmail and my sendgrid account has a limited number of emails that can be sent each month.
I know I probably will not surpass this limit on my forum (for a long, long time), but I want to use that account for other things as well and I’m afraid it will all add up. Is it possible to automatically activate new users so that activating via email is no longer required, and then also disable the activation email?
Even if it is not important now, this could be useful later, so if this is not yet possible, could someone let me know and I’ll recategorize this under features? If it is possible, please be as descriptive as possible.
Then is there some code I can use to disable the signup field and only allow social logins? Like when I click sign up, there is no more option to sign up with email?
I found a serious issue with this feature - if you enable it, any accounts that were not created using an email address that can be verified by a social login will not be able to login.
For example, if I create an account with example@gmail.com, enable Google login, and then uncheck enable local logins, I can login using Google. But, if I create an account with example@domain.com and uncheck enable local logins, that user is rendered useless. Would it be possible for the next release to include the option to enable local signups, but still have an active login field?
Activation emails are a very small percent of all emails a Discourse forum can send.
By allowing email based logins without requiring activation, you’re opening up the forum for a ton of spam accounts which will, in turn, get emails when anyone posts.
There are a number of reasons to want to skip the email activation, but those typically have to do with a single-sign-on or closed environments.
I do not think you’re going to achieve your stated goal (sending less emails overall) by following down this path.
PS I was interested in this topic based on the title, but wonder if it should be changed to "Can I skip the auto-activation email"
At this point, I’m more worried about the major issue when you actually uncheck the enable local logins option. Also, there is a plugin at https://github.com/angelim/discourse_user_auto_activation that allows for auto-activation and I tried to use it, and the plugin works fine. However, it causes an issue with the Settings > Plugins page.
@angelim, you developed that plugin, so could you look at this issue? Whenever I use your plugin, I cannot access the Settings > Plugins page. It just says that there was an error, nothing else. However, when I disable the plugin it works fine.
I have this scenario. I want to disable the email activation in discourse because I am using Wordpress for SSO (single-sign-in) so now the users have to validate twice, and that is poor customer experience. How can I remove the activate email requirement in discourse?
Also, @itsbhanusharma I have noticed that you have responded to multiple threads regarding SSO loops and maybe you are familiar with a solution to my issue here?
Help from anyone is greatly appreciated.
Thanks so much.
NOTE:
Just two clarify to other users that may be looking at this, please make sure you are following proper security protocols to avoid making your site vulnerable. The only reason I am doing this is because I have SSO activated through Wordpress and Wordpress is doing the email verification in addition to that I also disabled public registrations meaning that the only way to create an account is through Wordpress.
Thanks so much for your help @itsbhanusharma! I will try to implement this and see how it works. I appreciate your help.
Also, do you know if there I a way to make all this work with 2FA (2-factor authentication)?
I have 2FA enable for administrators only, but it creates a loop and admins cannot log in to wp-admin. All other users work fine. When I disable 2FA for the admins then they can sign in to back-end no problem. The 2FA is being implemented through iThemes security.
If users register through the default WordPress registation system, they should not be being forced to respond to the Discourse activation email when they first login to Discourse. If users register through a front-end registration system, they will have to respond to the Discourse activation email. If you are going to disable this, you need to be certain that your user’s email addresses are being verified when they register on your WordPress site.
when user click on the discourse.mysite.com they are still being presented receiving a screen from Discourse saying we send you an email please activate your account.
IF user goes directly to discourse.mysite.com and it is not logged in user gets re-directed to mysite.com/login or register for new account and then circle back to #1.
I tries creating multiple accounts with different email addresses that I have and I am being presented each time with that screen… maybe there is a setting I am missing. But in order for users to get access to my wp site they are already require to validate their email.
Additionally, I have it set up where when anyone types or click on discourse.mysite.com if they are not logged in it takes them to mysite.com/login.
We’re inviting known members to our system and they’ve already signed up (opted in) to receive updates from us. We’re trying to get 100% away from our mailing list software and use only Discourse. The mailing list software is SimpleLists and it DOES NOT allow them to confirm or do anything else before they start getting emailed notifications.
It’s just a mailing list, but in order to ditch it, we need to make sure that when we post to certain sub/categories, they get those notices by email. We’ve solved the notification part for existing users, but they have to have activated their account to be an active user (to receive those sub/category topic notice emails).
We want to just import the users, have it assign passwords and email them (password or a link to enable it). Then they’re activated at that point and will receive the appropriate notices by email automatically.