How can I update trust level via SSO site

(Hwan) #1

Hi guys,

I’d like to update trust level via SSO site. I have a website there is basic free user and premium user. I just update the trust level from my site. Is there any good practice?

I’d like to check API documents but I couldn’t find it.


(Jeff Atwood) #2

If you trust your SSO users (say they are paid subscribers in some way) and the only way to log in is through SSO then sure, TL can default to TL1 no problem. That is a best practice.

(Hwan) #3

I’m sending this data when it requests my site. It works well. What’s the param name for level data?

params = {
        'username': request.user.username,

I’m using hosting service. It is hard to see the whole structure. Is there any manual? I couldn’t find it.


(Jeff Atwood) #4

Go to admin, site settings and search for default trust level, change from 0 to 1.

(Hwan) #5

Is there any to update via API or SSO function? I have about thousand of premium users… I can not do that manually.

(Hwan) #6

I just try like this but it doesn’t work.

params = {
        'username': request.user.username,
        'trust_level': 3

(Jeff Atwood) #7

@techapj will update the API howto topic with sample code for setting user trust level and granting a badge.

(Hwan) #8

Thanks @codinghorror

@techAPJ I hope to integrate it via SSO, webhook or pull by discourse. I have to make a scheduler script if it is not…

(Arpit Jalan) #9

Updated the API howto topic:

Search for Update trust level and Grant a badge to user in the topic.

Also updated the discourse_api gem source code to provide endpoints for updating user trust level and granting a badge.

(Blake Erickson) #10

I also updated the api Documentation so that you know how to get the id’s of the badges you are granting :slight_smile:

(Hwan) #11

Thanks @blake @techAPJ

Do you guys know any solution to grant level or badge when it check SSO? or any web hook solution? I have to check our user type.


(Sam Saffron) #12

I recently added an extension to SSO to allow you to specify mods and admins, would be happy for a protocol extension that allows you to pass in a trust level if you want to try a PR. Would have to be extremely well tested.

(Leo Giovanetti) #13

Hi all. Sorry to wake this conversation up after so long.

I was wondering if this can be done now by passing a parameter through the SSO payload.

I need to be able to set the user trust level depending on a flag I have available in the database where the SSO payload gets constructed. I think this should be something that should be available as trust level is a very important feature which defines the user’s experience as much as any of the information already in the payload. In my case, depending on the trust level we want to enable the user to fully take part of the community or not unless they validate their account and we mark that flag as true or not.

Thanks in advance.

(Keith Peterson) #14

Old thread, but the functionality mentioned in this thread (passing a trust level via SSO) would be very helpful. Was it ever implemented?

(Sam Saffron) #15

Technically yes, but it is a bit tricky.

You would create a hidden group and grant that group trust level, then you would add that group to the user.

A bit convoluted, but on the upside you do get way better auditing.

(Keith Peterson) #16

Got it… I’m trying to create classes of users: members, past members etc. to control access. I have that data in my SSO responder and that sounds like it could work!

I’ve been searching… is there a users guide or description of a) how to assign groups in SSO and b) controlling access by groups? I saw the trust level access control… likely I can track that down with more research.

I appreciate your time, gives me hope for what I need to do to move over a group that has existed for over 20 years.

(Keith Peterson) #17

I think I found it… will run with these clues! thanks.