Embedding comments via SSO

Hi there!

I recently setup a discourse instance (https://arbitio-community.co.uk) and configured SSO via my Django app.
I am trying to do the following:

  1. user logs in to my django app
  2. I automatically do /session/sso login for discourse in the background
  3. embed topics on the django app

I came across https://meta.discourse.org/t/sso-login-from-main-site-backend/37933, which suggests to add an embed tag for discourse/session/sso, but I’m seeing issues there:

My discourse is set up to be https only, so I’m not sure why does it seems to be redirecting to HTTP.
Any ideas why this is, or different approaches to achieve this workflow?

Thanks!

Is force https is set, are you doing some kind of reverse proxy? If so, that’s probably the problem.

Not that I know, no. It’s running on a single EC2 instance, without any proxy/balancer in front of it.

Are there any verbose logs I could enable to debug this?

Found the issue, I was returning a non-HTTPS discourse redirect /session/sso_login URL from my server.

3 Likes