I’m not sure why you are making the requests to /users/by-external/<external_id>.json
and /admin/users/sync_sso
. The normal flow would be to just redirect the user to /session/sso_login
with the SSO payload set as query parameters on the URL. There are details about what the sync_sso
route is used for here: Sync DiscourseConnect user data with the sync_sso route.
Making a request to /users/by-external/<external_id>
with an external_id
that is not yet associated with a Discourse users should return a 404
(not found) error. If the external_id
is associated with a Discourse user, the user should be returned.