How to prevent another log in with Auth0 and OAuth2 Basic Plugin

I have managed to successfully connect Auth0 to my discourse forum.

However, it is not working as planned.

Currently:

1 - User logs into our webapp at example.com with auth0
2 - User navigates to forum.example.com
3 - User has to click “log in” again
4 - User is automatically logged in without having to fill in the details again

I am looking for a way to skip step 3.

In other words, when the user logs into our webapp on example.com and then navigates to forum.example.com, I want them to automatically see the content and not have to click “log in” again.

The only way to have that working is by changing login_required to true in the site settings, but that will make your forum lose anonymous access, google bot crawling, etc.

2 Likes

I have done this, and the user still has to click “log in” - which automatically logs them in

Oh, when using OAuth2 instead of DiscourseConnect you also need to check the setting auth immediately .

2 Likes

I have also got that enabled :unamused:

Could it be an issue with the fact that users auth at example.com, but it is not authenticating with the subdomain forum.example.com?

Could issues be caused if they auth with ex.example.com then go to forum.example.com?

Nope. Have you disabled every other auth method? If auth immediately is broken that is a bug we must fix.

2 Likes

Yep, local log in is disabled. Only oauth2 is enabled.

Can you share the site URL ?

Sent in direct message

It’s already working for me:

GET https://forum.com
RESPONSE 302 → https://forum.com/auth/oauth2_basic

GET https://forum.com/auth/oauth2_basic
RESPONSE 302 → https://auth0.com/login

1 Like

What do you mean sorry?

What would I need to adjust to get this working?