Hi guys,
I’d like to update trust level via SSO site. I have a website there is basic free user and premium user. I just update the trust level from my site. Is there any good practice?
I’d like to check API documents but I couldn’t find it.
Thanks!
If you trust your SSO users (say they are paid subscribers in some way) and the only way to log in is through SSO then sure, TL can default to TL1 no problem. That is a best practice.
I’m sending this data when it requests my site. It works well. What’s the param name for level data?
params = {
'email': request.user.email,
'external_id': request.user.id,
'username': request.user.username,
}
I’m using hosting service. It is hard to see the whole structure. Is there any manual? I couldn’t find it.
Thanks!
Go to admin, site settings and search for default trust level, change from 0 to 1.
Is there any to update via API or SSO function? I have about thousand of premium users… I can not do that manually.
I just try like this but it doesn’t work.
params = {
'email': request.user.email,
'external_id': request.user.id,
'username': request.user.username,
'trust_level': 3
}@techapj will update the API howto topic with sample code for setting user trust level and granting a badge.
Thanks @codinghorror
@techAPJ I hope to integrate it via SSO, webhook or pull by discourse. I have to make a scheduler script if it is not…
Updated the API howto topic:
Search for Update trust level and Grant a badge to user in the topic.
Also updated the discourse_api gem source code to provide endpoints for updating user trust level and granting a badge.
I also updated the api Documentation so that you know how to get the id’s of the badges you are granting 
I recently added an extension to SSO to allow you to specify mods and admins, would be happy for a protocol extension that allows you to pass in a trust level if you want to try a PR. Would have to be extremely well tested.
Hi all. Sorry to wake this conversation up after so long.
I was wondering if this can be done now by passing a parameter through the SSO payload.
I need to be able to set the user trust level depending on a flag I have available in the database where the SSO payload gets constructed. I think this should be something that should be available as trust level is a very important feature which defines the user’s experience as much as any of the information already in the payload. In my case, depending on the trust level we want to enable the user to fully take part of the community or not unless they validate their account and we mark that flag as true or not.
Thanks in advance.
Old thread, but the functionality mentioned in this thread (passing a trust level via SSO) would be very helpful. Was it ever implemented?
Technically yes, but it is a bit tricky.
You would create a hidden group and grant that group trust level, then you would add that group to the user.
A bit convoluted, but on the upside you do get way better auditing.
Got it… I’m trying to create classes of users: members, past members etc. to control access. I have that data in my SSO responder and that sounds like it could work!
I’ve been searching… is there a users guide or description of a) how to assign groups in SSO and b) controlling access by groups? I saw the trust level access control… likely I can track that down with more research.
I appreciate your time, gives me hope for what I need to do to move over a group that has existed for over 20 years.
I think I found it… will run with these clues! thanks.
Bonne nouvelle : j’ai pu mettre à jour le niveau de confiance avec quelques appels API simples et cela a très bien fonctionné.
Mauvaise nouvelle : en faisant passer un utilisateur au niveau TL2 (afin de pouvoir lui permettre d’ignorer d’autres utilisateurs), cela déclenche l’attribution d’un badge, ce qui génère une notification et un message par lot indiquant « Merci d’être membre depuis plusieurs semaines ». Ce n’est pas idéal, d’autant que beaucoup de mes membres existants tentent encore de comprendre les niveaux de confiance (logiciel de forum tout nouveau !) et ce que cela implique.
Pire nouvelle : j’ai reçu 4 e-mails distincts de discobot m’invitant au tutoriel avancé, car il pense que j’utilise beaucoup le site et cela semble déclencher ce processus. Je ne sais pas pourquoi j’en ai reçu 4… Serait-ce à chaque fois que j’ai appelé l’API ou autre chose ? Mes membres de la communauté, peu familiers avec la technologie et déjà très mécontents du passage à un nouveau logiciel, n’aimeront pas cela. Je vais donc devoir régler ce problème.
Juste une information pour les autres. Je vais maintenant chercher comment désactiver ce badge TL2 et le message avancé de discobot.