How to allow login of user through mobile number?

Problematic since email is so core to what we do. A user without an email has no way to get notifications from us at all. A user without email has no unique identity since that is how they reset their password.

So…is email being at the core the real problem here?

Like others have mentioned previously, I find it hard to imagine users who do not have and cannot create an email address. That being said, I’ve grown up in the US, a “developed” country, where it was expected that I have an email account. I was given an account by the schools I attended (both secondary and college), and it is just an expected type of communication method here. I did not grow up in India, a country still considered “developing”, where access to a computer and the internet is not necessarily commonplace. Can users in India and other developing countries get an email address, yes, if they can already access FB and WhatsApp, they have internet access and can do so.

I guess the question (which is impossible to answer) is “will users in India and other developing countries get email addresses as internet access expands and improves, or is mobile the way of the future?”


I may be missing the obvious, but if someone with a phone can not access the web to create an email account, how are they supposed to access a Discourse forum?

I think the issue is not that they can’t have an email address, but that they don’t. They have a FB account, see FB as a login option, and are then confused as to why an email address is still required.


Thx @jomaxro. @codinghorror the reason I revived the thread is so it could be in the back of our minds. If email is core, then perhaps we should begin to ponder what it means if a user instead provides a unique FB id + phone number.

I am curious to see if the topic of Free Basics will be brought up at Facebook’s F8 conference in a few weeks. If the initiative gains momentum, then you might start seeing billions of users having a slightly different online experience than the rest of us.

Then the issue is

How do we treat a phone number like an email address?

Let’s go all the way here. Full conversion. Zero email. Only the mobile number for a user. To what extent can you treat a mobile number like an email address? To what extent can you replace an email address with a mobile number?

  • Identity? Every mobile number is unique, so that sort of works. You can change mobile numbers about as easily as you can change email addresses, or you can stick with them for long periods of time.

  • Notifications? Unlike email, It’s not free to send a SMS to a phone number. Say someone forgets their password or needs a reply notification. We have to send SMS because that’s literally all we have. Well SMS messages cost, like, real money. Sending email is as free as it gets… but SMS ain’t free. How would the average Discourse open source install deal with this?

That’s the way to think about this. There are some massive obstacles.


Also, while you can easily change mobile phone number, they often are “re-assigned”, and you might end-up sending SMS to a complete different person.


Is there a fb messenger api, so if you log in via fb and have no email address you get notifications via fb?

1 Like

Thx @codinghorror for giving this some thought.

Regarding notifications, I think one long-term solution would be developing a mobile app (access to web view, perhaps including latest web app in initial download) that can be white labeled per site, and can be set up with push notifications. (I would expect Discourse clients to pay for this.) Note that push notifications would not have the same deliverability issues we are running into for email. I recognize this would be a major effort.

Regarding unique ID and changing of phone numbers… FB continuously checks to see if a mobile number has been deprovisioned. I recently changed service providers and had to reconfirm my phone. So if we rely on FB auth as well, that should solve the unique id issue.

1 Like

AFAIK, this is on the roadmap somewhere :slight_smile:

1 Like

Definitely not the most common scenario, but I’ve seen instances in the 50yrs+ demographic where people are hitting a barrier with log-in because they can’t remember their email addresses.


If it is supported by the mobile provider you can send an email as an SMS message.

1 Like

You can also put the burden on the forum owner to provide a valid SMS api key, like you need to provide a valid SMTP service (and soon a valid GCM api key).

If they want to provide mobile number login they need to add a valid SMS gateway service and pay for it (like e-mail).

Americans aren’t familiar with Whatsapp (SMS is mostly free on USA) but it got a scary market share, mostly on using your phone number as your ID.

Medical Doctors send confirmations trough Whatsapp, they don’t even ask if you use it, because it’s expected.


I live in Southeast Asia and work closely with youth. What I observe is that even though they do have emails, they never actually use/check them. Email notifications (digest, reply notif, etc) just go to some black hole.

As for password reset, I agree with @Falco - put the burden on forum operators.


Is anyone working on allowing login via mobile number? I am in east Africa right now with members of our global community, and am finding confirmation of much of what was written above in this topic. People may or may not have email, but they definitely have mobile phones and nearly all have smartphones with facebook and whatsapp installed.

To share an anecdote… even though I am one of the people who was running this learning exchange with these 20 people, there were many moments when I was out of the loop on what was going on with logistics, and found myself sitting in the hotel lobby waiting for everyone else when they all had arranged via a WhatsApp group to cancel an excursion or change plans. They were not choosing to open discourse or their email to quickly communicate with one another.

I know discourse won’t be all things to all people, but in the future it seems necessary to provide account verification via mobile phone and also to allow members to receive notifications via their approved mobile numbers, and send replies to discourse via SMS. All paid for by the discourse site owners to SMS gateways much like we pay for SMTP email now.

This is functionality that we’d be interested in contributing to if anyone gets to work on it and if the discourse team is interested in having it as a plugin or otherwise.

In case anyone is wondering. WhatsApp seems not to be the solution, which is disappointing. I asked @LeoMcA and this is what he had to say:

Sadly it doesn’t look like WhatsApp expose any APIs at all, neither for authentication nor for bots. There are reverse engineered solutions (at least for bots), but I think you risk getting your number banned (and your code taken down) with those. There’s the possibility of more love for developers on the horizon: WhatsApp Blog

Starting this year, we will test tools that allow you to use WhatsApp to communicate with businesses and organizations that you want to hear from. That could mean communicating with your bank about whether a recent transaction was fraudulent, or with an airline about a delayed flight.

But that was posted in January, and there hasn’t seemed to be any update since then.

Another similar service, Telegram, has amazing API support - but if WhatsApp is what people are using, that doesn’t really mean a lot.


Is there any update for this feature lately? I would also be interested in login via mobile number. In my community, almost everyone has smart-phones . But so many ppl don’t have email addresses.

1 Like

Do you have any evidence of people not using your community because of this?

I don’t deny what has been said in this topic, but phone number signup is very UNCOMMON, I can barely think of 4 or 5 sites doing it. So I can’t imagine that all those people are using only 4 or 5 sites.

1 Like

With the growing number of messaging apps like whatsapp, viber, telegram, etc, the usage of email is becoming less and less.


Yes. I’m pretty much sure about this. many people dont even have emails and they only create one to join my community. Others have really a hard time using it. Because its not used so often here. So for example every now and then I have to instructing people how to reset their forgotten password.

On the other hand the use of mobile phone as an alternative to verify ppl is becoming more and more common in my community. they simply send a 4 digit activation code via SMS and the user is verified in a second. with this method, some websites don’t even need passwords. The user can login with another verification SMS at any time.

1 Like

Email is crucial for Discourse, so I don’t see this feature being added anytime soon.

If you really want it, post your budget in #marketplace.

This feature would involve using something like to validate the account and to send notifications, so there is also a price barrier for every community doing this.