Disable account activation email with SSO

I’ve been using Discourse on my own Linode for awhile. That install tanked today, and so I just went with the paid Discourse service. However, now when my WordPress users try and access the forum for the first time, they’re given this activation email step that we didn’t have to do before. Anyway to disable this? Thanks!

Are these new users, or users who already existed on your WordPress site?

1 Like

Users who already existed and new - they both act the same.

Are you using the WP Discourse plugin? If so, did you have in installed when the users were first created. The way it is supposed to work is that when a user is first created with the WP Discourse plugin enabled, their email address is flagged as being unverified. If the users are registered through the default WordPress registration process, that flag is removed and they are able to login to Discourse without having to confirm their email. If you are using a custom registration process, then users will have to verify their email address.

It is possible to override that flag, but I"m curious as to why it’s being applied to existing users.

Yes, I’m using the WP Discourse plugin.

The only difference is this: Yesterday I was on a self hosted installation of Discourse. It crashed today. So I just spun up a paid version with Discourse.org. Now this is happening (and I updated the keys, etc)

It’s odd that it’s being applied to existing users. The easiest way to disable it is to hook into the discourse_email_verification filter. It’s applied before the SSO parameters are sent to Discourse.

Adding something like this to your theme’s functions.php file should work. Ideally, you should only be doing this if you have verified the email address in some way through WordPress.

// Replace 'my_prefix' with your site prefix.

add_filter( 'discourse_email_verification', 'my_prefix_discourse_email_verification', 10, 2 );
function my_prefix_discourse_email_verification( $require_activation, $user_id ) {
    // Check that the user has a valid email address, or just return false for all users.

    return false;

For existing users, I’d be curious to know what

get_user_meta( $user_id, 'discourse_email_not_verified', true )

is returning. If it’s not returning 1, then the issue with existing users is probably something that’s happening on the Discourse end. For new users, unless you are using the default WordPress login, having the account activation email sent by Discourse is the expected behaviour.

Did you restore your old discourse site to the new one or did you just start a new discourse?

Brand new one. This is the 5th discourse instance I’ve had setup, and none of them have ever done this until now. It’s weird.

Thanks @Simon_Cossar - dumb question, but what exactly is the “site prefix.”

1 Like

You are the man! Everything works - thanks a million.


My WP is SSO provider. I use the plugin Activemember360 with a custom registration page. When they register, they only type name and email. Their password is send to their email. So that’s a way to verify their email?

After that, they also have to verify their email with Discourse. It’s not useful.

Is this code is what I need to disable account activation?

If yes, I don’t know how to do this. Could you help me?


Yes, that code will disable the account activation email for all users. It sounds as though that is safe to do for your case.

Here is a simplified version of the code that will disable the account activation email for all users:

add_filter( 'discourse_email_verification', 'wpdc_custom_disable_email_verification' );
function wpdc_custom_disable_email_verification() {

	return false;

This code needs to be added to either a WordPress plugin, or to your theme’s functions.php file. Adding it to the functions.php file is the easiest way to do it. If you are editing that file on a live site, you should access the site’s file system through its cPanel, save a backup of functions.php and then copy and paste the code into the original file. If everything works as expected, delete the backup file.



No need to change the prefix site like you said in the older code?

Using a prefix for custom function names is just a simple way to avoid naming collisions. If there are two functions in your WordPress code with the same name, your site will crash. As long as you don’t have another function named wpdc_custom_disable_email_verification you’ll be fine to keep the name as it is.

1 Like

Thanks, it works perfectly!

1 Like