I have my own site on which I would like to embed a list of topics. My forum is set up on community.withgrayce.com, and it requires login to see content using only DiscourseConnect as a login method. I’ve got the d-topics-list set up for this on my site. What’s happening is:
- The iframe created by d-topics-list loads the URL
https://community.withgrayce.com/embed/topics?discourse_embed_id=de-d4px4nnxj&per_page=5 - Because login is required, that URL does a redirect to my discourse conect url. I’m testing locally, so this goes to
http://localhost:3001/sso?sso=SSO_PARAMS_SNIPPED - That URL loads a page that hits an API to get the SSO redirect and then sets
window.location.hrefwith that URL within the iframe. I’ve tested that the SSO works correctly in general using this technique. - When the iframe tries to load the SSO redirect it gets back a 419 saying the the login has expired.
I can’t figure out why the 419 is happening in this case, but also is this approach doomed to fail? Is there a workable way to embed the list of topics when login is required and using discourse conect?
Thanks!