Como o Discourse ID funciona

What is Discourse ID?

Discourse ID provides a faster login experience across participating Discourse sites so you don’t have to create separate logins for each Discourse you visit and you can join any participating Discourse sites with just one click. It also lets Discourse admins offer a simplified login experience, with support for social logins with no setup or configuration needed.

Every time you see “Log in with Discourse ID” on a Discourse site, you’re seconds away from meaningful conversations that count :discourse:

Why use Discourse ID?

Create once, use everywhere

  • Sign up for Discourse ID once and use it across all participating Discourse communities

  • No need to remember multiple usernames and passwords for different forums

  • Use Google, Apple, Facebook Github, or your email to join Discourse ID (more options coming soon)

Common Questions

  • Which social login platforms are supported out of the box? Without any configuration required, Discourse ID ships with Google, Facebook, Apple and GitHub logins (more coming soon).

  • Is this the same as Single Sign-On (SSO)? Discourse ID is SSO, but specifically designed for Discourse sites.

  • Do community owners see all my activity? No, your activity on one forum isn’t visible to owners of other forums.

  • Why doesn’t Discourse ID work on some sites? Discourse ID is a new feature and some communities have not opted in yet. Ask your community admin to enable it (or check again later).

  • Ready to enable Discourse ID on your community? If you’d like to offer a seamless login experience for your members, turn on the Enable Discourse ID site setting from your admin panel. ID is available everywhere, including sites hosted by us and self-hosted sites.

  • Can I use Discourse ID in the DiscourseHub app? You can log in to individual sites that have enabled Discourse ID in the DiscourseHub app (like any other login method). We are also working on better integration between Discourse ID and DiscourseHub. Stay tuned!

Troubleshooting

For a Discourse site to use Discourse ID, it must be under the https protocol and be visible on the Internet (i.e. ID cannot be enabled for intranet sites). For further troubleshooting, please check the discourse-id tag or create a new topic in the correct category i.e. Bug / Support / UX with that tag.

21 curtidas

How exciting!!!

Oh. How disappointing. :crying_cat:

Hopefully that’ll be available soon! It would be very handy if that were easy to configure (or maybe just possible with an API key or some sort?).

I would love to be able to enable it by default for self-hosted customers (mostly so that I could easily log in!).

EDIT: Sorry to be a whiner, but I’m very excited!

13 curtidas

It will be available very soon for self-hosters, yes. Thanks for your interest, appreciate it!

14 curtidas

I’m so excited for that already created my account you’re the bests!

8 curtidas

Great work! :grinning_face:

I like this idea very much. Unifying the login experience is very appreciated! Makes Discourse easier to use and maybe encourage people to ‘sign up’ to more communities. :partying_face:

7 curtidas

Does it influence the sign-up process or can i still manually admit new members?

Edit: I just realized it’s depending on a discourse provided idp, it’s not federatively trusting all other discourse instances.

It is now enabled :slight_smile: Discourse ID is now available. Try it today! - Announcements - Discourse Meta

2 curtidas

Good morning!

I have a couple of additional questions regarding Discourse ID:

  • I assume there is a central server managing credentials which is contacted by each site validating a discourse ID login? Therefore, although each individual website is not aware of other sites being visited, I assume that information is available centrally on the authorisation server? Do you have any plans to use this information, even if anonymised?
  • Personally, I am happy with email/password (+2FA in some cases), and would not be in a hurry to adopt Discourse ID for my own logins. I also have no interest in reading websites on my phone, so therefore do not want to have the discourse app installed. I hope site operators retain the option to login with username/email and password going forward. For reference, I do not use any of the other offered SSO options either! I have my passwords managed in my own infrastructure, with each password only being used in one location, and stored encrypted when not in use.

I realise that I may represent an edge case, but hopefully people in my position will be considered by admins when looking at sign-on methods going forward.

3 curtidas

Yes, Discourse ID itself is a centralized service. Much like other social logins. We have plans to add more features to ID for end users in the near future, but we don’t have details yet on what those features will be.

Yes, all other login methods will remain available, including local accounts.

5 curtidas

While I find it good I dont need to support all Social when I accept Discourse ID, I did not yet enable it since I am not sure about what compliance hell I will get into (EU).

1 curtida

None. You have to tell same things than with other SSO options. You basically move responsibility to CDCK and link this: Privacy policy | Discourse - Civilized Discussion

Dear CDCK, privacy policy must be updated to include ID asap, please.

2 curtidas

yes but since i dont use other SSO options for the same reason - when I tell users to use them i might be responsible - I cant use it yet.

And yet you aren’t. You, as an admin, can’t store unnecessary personal data and you must tell what you are storing, why and how long. Such things. With other services you have to tell you are using those and point to theirs privacy policy. The rest is theirs responsibility. Totally same thing than with Google Analytics, Adsense, Amazon S3, email delivering etc.

So, basically what you have to do is tell. It is user’s choise to use or not to use. If Discourse ID or what ever SSO is the only options then you must be more strict, but that isn’t the situation.

But you don’t need to allow Discourse ID if you don’t want to. I enabled it because I was curious, but there won’t be a single user in my forum at the moment who would use it. Perhaps that situation will change when translations works in full speed, but that is different story. But there isn’t basically any EU rules that is your to concern.

I know whats sane but I also know that companies are made responsible for linking to Facebook profiles in EU, so I better err on the safe side.

Coule we auto-enrol users to Discourse ID from another systems?

You would like to force users to registrate into id.discourse.com without asking :flushed_face:

AFAIk you can’t as you can’t enroll them to use Google SSO.

Can you explain in more detail what you mean by “auto-enrol users to Discourse ID from other systems”?

It is possible to use your Discourse site as an identity provider, and then allow your users to log in using Discourse ID. Is that what you are asking for?

2 curtidas