How to hook up JWT Single Sign On to Discourse


(G) #1

We are investigating using Discourse as a forum section for our website. Our existing app is a Play 2.5 application with it’s own login setup and a JWT authenticator. Our goal is to implement some form of single-sign-on setup where users will be redirected (from Discourse) to our Play app to authenticate, the JWT token is created and sent back (via redirect) to Discourse for use in validating subsequent actions.

I found both GitHub - discourse/discourse-omniauth-jwt: An OmniAuth strategy that uses JSON Web Token for Single Sign-On and GitHub - discourse/discourse-jwt: Discourse Auth support for JSON Web Tokens (JWT) but am unsure if they will support what we are looking for or how to integrate them (I am very new to Discourse). Is there a similar alternative (with JWT) that I am unaware of?


(Robin Ward) #2

The official JWT Plugin is what you want. We’ve deployed it in production and it works well for people.

If you’re unsure how to install a plugin, I suggest you check out @techAPJ’s excellent guide.


(Alessandro Macagno) #4

Hi guys! I’m trying to use the official JWT Plugin, but I can’t understand a few things:

I added git clone link (sorry, reputation missing) in my app.yml
Rebuild app and got an error:

NoMethodError: undefined method `jwt_secret’ for GlobalSetting:Class this line

This is probably because I haven’t set the key, but I don’t know how to. The official doc says I have to insert key and url in my discourse.conf, but I don’t know where to find it and which syntax to use. Can you please help me?