Auto Login enabled for public facing community?

In the general case that is going to be impossible (how can you tell if an anonymous user has an account without prompting them to log in?). However, it should be possible to detect if a user already has an active session in your SSO site.

That topic is quite old, but I think the principle should still apply. Basically, add a URL with appropriate CORS support that returns a JSON response indicating whether the user has an active session. Then add some JS to your discourse theme that queries that URL and triggers the SSO process if an active session exists.

2 Likes