Enable Google Login to accept logins from more than one hosted domain (aka GSuite domain)

aribadernatal · July 9, 2018, 3:24pm

Currently, the “google oauth2 hd” login setting can either be left blank (allowing login from any Gmail or GSuite/hosted domain account), can be set to * (allowing login from any GSuite/hosted domain account), or can be set to a single GSuite domain name (allowing login from accounts in one GSuite/hosted domain.) A fourth option – already supported by the underlying omniauth-google-oauth2 gem but not currently supported by Discourse – is to specify a list of hosted/GSuite domains (allowing logins from accounts in any one of the specified GSuite domains.)

In other systems, I’ve seen this done by allowing multiple domain names to be comma-delimited or space-delimited in the corresponding setting (google oauth2 hd at <discourse>/admin/site_settings/category/login.) An incomplete PR along these lines can be found at https://github.com/discourse/discourse/pull/6067

mmcneff · April 1, 2020, 11:19pm

I’d like to second this feature request. Our school uses two different domains. One domain for students (alum.college.com) and one for faculty/staff (college.com). We’d like for both students and faculty to be able to log in to our Discourse forum using Google login. There are many colleges using a similar split domain system to separate students and faculty/staff email addresses.

Topic		Replies	Views
Improve Google Login with Multiple Accounts feature	17	2096	February 27, 2018
How to allow multiple hostnames to login? support	3	737	October 26, 2022
Sso with google account sso	2	2200	September 18, 2018
Google Auth to only invited users support	5	761	November 18, 2020
Set up so that only G-Suite account holders have access? support	8	1008	July 19, 2020

Enable Google Login to accept logins from more than one hosted domain (aka GSuite domain)

Related Topics