We are exploring a way to let users sign in to our platform (xyz.com) using the accounts they already have on another platform (abc.com) which is powered by Discourse.
Our authentication backend is Amazon Cognito, and we’d like to configure Discourse as an OpenID Connect (OIDC) identity provider, so that the Cognito Hosted UI can present “Sign in with Discourse” as a login option.
From what I understand:
Discourse can act as a client/consumer of OIDC/OAuth2 and supports SSO ( DiscourseConnect ), but it’s unclear whether Discourse can act as an OIDC provider, which is what Cognito requires.
So my questions are:
- Does Discourse support acting as an OIDC provider?
- If not, are there official plugins/workarounds?
- What would be the recommended way to let Cognito authenticate users against an existing Discourse instance (abc.com), so that they can log in to another platform (xyz.com) seamlessly?
Our goal is simply to avoid asking users to create another account when they already have one on our Discourse site.
Any guidance would be greatly appreciated 