Discourse SSO using auth0 via URL


(Presley Dias) #1

I am using trying to perform SSO using Auth0 for wordPress and discourse from my own application.
the flow is mentioned below.

The user enters user name and password in the application, the details are sent to the server which authenticates the user with the auth0 API and send back the token.

I have installed auth0 SSO plugin from GitHub in Discourse and all the client ID, client secrets are added to the plugin.

I want to know who to perform SSO in case of Discourse when I have logged into my application.

For wordPress were are using the following method.

    <form *ngIf="userService.isAuthenticated()" ngNoForm action="http://xx.xx.xx.xx/index.php?auth0=implicit&client_id=xxxxxxxxxxxxxxxxxxxxxxxxx&connection=xxxxxxxxxx"
        method="post">
        <input class="hidden" type="text" id="token" name="token" value="{{tokenValueIsHereReturnedbyAuth0Authentication}}" />
        <input class="hidden" type="text" id="redirect_to" name="redirect_to" value="http://xx.xx.xx.xx/index.html" />
        <input class="btn btn-primary pull-right" type="submit" value="View" />
    </form>

So How to do similar thing in discourse?


(Shanth) #2

Instead of redirecting the url, can I use GET request so that i will get the response json of user details with the user details instead of complete redirection and never returning back to the home url.


(Blake Erickson) #3

If you are trying to use Auth0 and Discourse together I would recommend following this guide: How to use Auth0 with the OAuth2 Basic Plugin. It should allow the users to return back to the home url (or even the original url they were on) once they are logged in.


(Shanth) #4

Hi Blake, I’m able to login the user by redirect to url(https://my.discoursesite.com/session/sso_login?sso&sig) for sso, it is logging the user landing in the discourse page but not redirecting back to my application page.
please help me how can I get back to my application after logging in


(Blake Erickson) #5

Oh you are using Discourse as the SSO provider? Are you passing in the return_to field specified in Official Single-Sign-On for Discourse (sso)?


(Shanth) #6

Our native app is the sso provider, i’m trying to create a new user if not existing in discourse based on the users existing in our application, and want to do some api calls to get the user chat topics
I haven’t find the return_to field in the official doc for sso…
I’m facing cors preflight issue while accessing my.discoursesite, please suggest me how can I add the header in the docker container