I managed to connect GitLab and Microsoft (Azure) with this plugin. btw: for the Azure AD service, make sure to use the “Application Client ID” as client id, not the secret ID or value).
How is it possible to connect Discourse with two OIDC providers, e.g. GitLab and Azure?
EDIT: I managed to get GitLab Login working with OAuth2, so my question is now more “theoretical”.
I think that you would need to fork the plugin and change its name to be able to configure it twice. Maybe you’d fork it and hard code it for one of those services.
I see forking is no longer as appropriate since the Open ID connect plugin was merged into core, and had its git repo archived.
However, i would like to register two applications (an application per tenant). Since i have one tenant’s app registration working under the Open ID connect plugin. Could i put the second app registration ID, secret, discovery URL into the below settings?
I believe solution to this topic title is in the previous post - you don’t need to use two OIDC’s, rather one OIDC and one Microsoft_auth.
microsoft_auth_email_verified would not make Microsoft Auth behave like the already-configured OIDC flow itself. My understanding is that it only makes Discourse treat Microsoft-provided emails as verified/trusted by default, which can help with account linking / avoiding duplicate accounts if those emails are genuinely verified:
For the button text, OIDC is definitely under the js.login.oidc text namespace:
And Microsoft Auth appears to use the microsoft_office365 translation namespace rather than oidc - for example this bug report mentions en.login.microsoft_office365.name:
So I think the relevant text key namespace for Microsoft Auth is microsoft_office365, not oidc.
