We have a website that sends alerts to users via email, and for a seamless experience, we want to provide a link to Discourse that automatically logs them in. We already have DiscourseConnect set up and functioning, but we want to bypass the step where users have to click “Login” on Discourse.
Since we already have the users registered in our system (as we are sending them emails), we would like to automatically log them into Discourse if they already have an account. Is there a way to generate an “automatic login” link that we can send to these users via email?
What we want is a way to send a logged in or new user to discourse from our system - without them having to go to a page, hit ‘login’ and get redirected back to discourse. The best way to think about this is a user comes to our site, logins in, sees a link to post on discourse, is directed to discourse (already logged in). They don’t have to click anything, they are logged in the moment they hit discourse.
Assuming one is already logged in to Spiceworks’ system, you’ll get automatically logged into their Discourse install without needing to click anything.
While this solution technically works, it’s not ideal from the user’s perspective. Users can clearly see that they are being redirected back to our website to log in, which can be a bit disruptive to their experience. Is there an alternative way to achieve this, such as an auto-login link? Ideally, this link would log the user in automatically when accessed, using the email passed as an argument, so they don’t have to go through the manual login process.
we want to bypass the step where users have to click “Login” on Discourse
Discourse does have functionality to generate login links
so one could hook into that functionality via a plugin, but for security reasons using that link requires positive action from the user to verify they wanted to login, so that method does not meet your initial criterion.
My advice would be to make the page they land on match your Discourse instance theming so they don’t notice the redirect.