How to "intercept" first time SSO usages to let users confirm the SSO action and set a username?


I’ve been using Discourse for about 3 weeks now and so far I love the possibilities, the effortlessness, the API, the documentation and the meta community. It’s a really great experience so far.

In my company we have a web application where users can login to, which is connected to a backend system that stores the users. Now we want to also offer a Discourse Forum, which existing users should be able to login to via SSO.

We are using DiscourseConnect which is nicely documented here. We are also using the sync_sso route to synchronize any changes we’re making on our end instantly with Discourse. This works great so far.

Now the Product Owner has two requirements that, before I decide to implement them myself, I want to double check if they can be perhaps configured directly in Discourse:

  1. In our internal database users have no username. But they do have, among other things, a real name. In our current PoC we are sending that real name with the ssoRecord so that Discourse stores it and generates a username. However we might not be legally able to do that and we might need to let the users decide themselves if they want to store their real name in our Discourse instance and which username they would like to have within our Discourse instance.
    Question: Is it possible to detect when a user uses SSO for the first time and in that case redirect him to some sort of “Welcome Page” where he can select which name and username to use? Ideally those would be pre-filled from the values in the ssoRecord but the user would have to actively confirm those before continuing his SSO-Registration-Disguised-As-Login action.

  2. Speaking of confirmation: Again, when the user uses SSO for the first time, is there a way to make sure that the user can read and agrees to our terms and conditions before his data will be actually stored in the Discourse database?

I could theoretically implement both steps on our end into our web application. But again, before I do that, I wanted to check back and see if Discourse provides something out of the box. I couldn’t find anything meaningful in the admin panel settings, hence me asking here :slight_smile:


I found this similar thread which suggests to use the auth skip create confirm option, however this option is already unchecked as per default.


Since I couldn’t find any existing documentation and got no reply here, we’re handling this on our end in our own web application now.

1 Like