I’d like to limit authentication to using GitHub. So I’d like to disable password auth. I have ‘enable github logins’ enabled with the corresponding id and secret.
If I go ahead and disabled password auth, how will Discourse identify me as admin when I log in using my GitHub credentials? Does it use the email address associated with the GitHub account?
The catch for me in this case is that the email I used when creating the Discourse account is different from the email address associated with my GitHub account.
Would adding an additional email address for my admin account in discourse - specifically the one associated with my GitHub account - be used to identify my GitHub login as this admin account?
From this post it seems there’s a back door to authenticate as admin using my original admin credentials.