How to setup heroku ENV variable for sso secret?


right now my code looks like:

require 'single_sign_on'

class DiscourseSsoController < ApplicationController
  before_action :logged_in_user 
  def sso
    secret = "ilovetomcruise"
    sso = SingleSignOn.parse(request.query_string, secret) = = # this is a custom method on the User class
    sso.username =
    sso.external_id = 
    @user_id =
    sso.avatar_url =
    sso.sso_secret = secret
    sso.avatar_force_update = true


How do I create an ENV['something_here'] with heroku so I do not show the secret in my code? thanks.


is it just heroku config:set DISCOURSE_SECRET= ilovetomcruise

and then


(Jay Pfaffman) #3

I doubt it. That stuff should be configured on the Discourse web interface.

You really want to install following these instructions.


I thought that stuff goes into my Rails app? I installed with those instructions awhile ago. If everything is on the digital ocean server how will it communicate with my app?

(Jay Pfaffman) #5

Oh. Do you mean that you have written a Rails app that you would like to SSO authenticate against? I didn’t understand that at all from your post. Sorry. I’m no help help here.

(Alex Peck) #6

Yes, as far as setting ENV variables is concerned on Heroku it’s what you said earlier:

heroku config:set DISCOURSE_SECRET=ilovetomcruise

Once you do that, you’ll have the ENV set on your Heroku server.