Discourse OpenID Connect (OIDC)

tobiaseigen · July 16, 2025, 9:41pm

This plugin is now bundled with Discourse core as part of Bundling more popular plugins with Discourse core. If you are self-hosting and use the plugin, you need to remove it from your app.yml before your next upgrade.

hhf.technology · July 24, 2025, 6:52am

yes i did for a client.

Steradiant · March 14, 2026, 3:08pm

We would love to be able to synchronise some groups on Discourse with OIDC groups we have. We found that there has been a PR providing this functionality, but it was not considered further:

github.com/discourse/discourse

FEATURE: Openid connect group maps (#34763)

main ← jalview:openid_connect_groups_maps

closed 02:07AM - 29 Nov 25 UTC

benzoid

+100 -0

This PR allows mapping of OpenID Connect group membership to Discourse Group mem…bership. Of mapped Discourse groups, membership is (optionally) removed if the corresponding OpenID Connect group membership is not present. This is a feature requested several times (e.g. https://meta.discourse.org/t/mapping-groups-or-roles-using-keycloak/304277 https://meta.discourse.org/t/does-sso-overrides-groups-work-with-oauth2/175606/13 https://meta.discourse.org/t/managing-group-membership-via-authentication/175950/32 [and others above]) and the feature has been mentioned as #pr-welcome (https://meta.discourse.org/t/managing-group-membership-via-authentication/175950/30). I've also added in a match_by_username option since this fits our use-case migrating from Crowd. Apologies if the code is insufficient, I'm not a native ruby developer! If tests are required please could you point me at documentation that might help me with writing those? Thank you! PS Thanks for Discourse!

Would it be possible to include this into Discourse’s functionality?

Steradiant · May 3, 2026, 7:43pm

Will users automatically be removed once they are no longer members of the respective group?

david · May 4, 2026, 11:10am

Yes they will

Steradiant · May 4, 2026, 11:41am

Hmm, this does not match my testing actually.

attalbialami · May 6, 2026, 7:31am

Hello all, I’m using the OpenID Connect plugin and trying to pass custom parameters in the /authorize request via openid connect authorize parameters, but it doesn’t seem to work reliably.

Is this officially supported? If not, what’s the recommended way to send custom context to the IdP ?

Thanks!
@david

Topic		Replies	Views
Discourse OAuth2 Basic Plugin official , auth-plugins , included-in-core , oauth2	31	65329	July 24, 2025
Use Discourse as an identity provider (SSO, DiscourseConnect) Integrations sso , discourseconnect , how-to	143	50391	November 9, 2024
Setup DiscourseConnect - Official Single-Sign-On for Discourse (sso) Integrations sso , configuring , discourseconnect , how-to	45	455167	January 28, 2026
Configure sign up and log in with Auth0 using the OAuth2 Basic Plugin Integrations auth-plugins , oauth2 , how-to , sso	73	19882	December 16, 2025
Well known support? SSO oauth2	0	494	May 28, 2023

Discourse OpenID Connect (OIDC)

Related topics