Generate an "email me a login link" URL

Hi,

We have a website that sends alerts to users via email, and for a seamless experience, we want to provide a link to Discourse that automatically logs them in. We already have DiscourseConnect set up and functioning, but we want to bypass the step where users have to click “Login” on Discourse.

Since we already have the users registered in our system (as we are sending them emails), we would like to automatically log them into Discourse if they already have an account. Is there a way to generate an “automatic login” link that we can send to these users via email?

Hi there!
Are you referring to the bit where it says ‘Skip password, email me a login link’?

Since you’re using DiscourseConnect, sending them to /login will automatically start the login flow.

Or, if you want to include a landing page you can use (I’m pretty sure) /session/sso?return_path=«/path/to/landingpage»

@NateDhaliwal @supermathie thanks for chiming in. I work with @jonathan_moura_getit so I thought I would attempt to make this a bit more clear.

What we want is a way to send a logged in or new user to discourse from our system - without them having to go to a page, hit ‘login’ and get redirected back to discourse. The best way to think about this is a user comes to our site, logins in, sees a link to post on discourse, is directed to discourse (already logged in). They don’t have to click anything, they are logged in the moment they hit discourse.

Can someone advise on how we can do this?

Have you tried my suggestion?

You can see it in action at e.g.:

• https://community.spiceworks.com/login
• https://community.spiceworks.com/session/sso?return_path=/c/linux/21

Assuming one is already logged in to Spiceworks’ system, you’ll get automatically logged into their Discourse install without needing to click anything.

Hi Michael,

While this solution technically works, it’s not ideal from the user’s perspective. Users can clearly see that they are being redirected back to our website to log in, which can be a bit disruptive to their experience. Is there an alternative way to achieve this, such as an auto-login link? Ideally, this link would log the user in automatically when accessed, using the email passed as an argument, so they don’t have to go through the manual login process.

OK, this is a separate matter from

we want to bypass the step where users have to click “Login” on Discourse

Discourse does have functionality to generate login links

so one could hook into that functionality via a plugin, but for security reasons using that link requires positive action from the user to verify they wanted to login, so that method does not meet your initial criterion.

My advice would be to make the page they land on match your Discourse instance theming so they don’t notice the redirect.