How to use Auth0 with the OAuth2 Basic Plugin

Do you happend to have an EU based auth0 account?

The only thing Serginho and I were able to figure out was that Serginho had an EU based auth0 account, as soon as it was switched back to the US based auth0 account it worked fine. I’m not saying there isn’t some bug somewhere on the Discourse side, but something appears to be different on the auth0 side between their US and EU versions.

That doesn’t sound right at all - I am reaching out to one of our engineers to have a look, but it will probably be helpful if you could contact us through our forum so we can exchange the private tenant info needed to troubleshoot. We can then provide a summary back here of what was fixed.

2 Likes

From previous debugging, auth0 is sending an empty payload (or near empty) which is why the form isn’t being auto-populated. But what I think is happening is Discourse is inserting an empty value in the db as the unique id. So any user who then signs in again will authenticate against that empty value. Obviously there is some improvement to be made on the discourse side to make sure THAT doesn’t happen, but the root cause is auth0 isn’t sending a populated payload for some reason.

Awesome thanks!

Just made a topic on your forum :slight_smile:

4 Likes

@jerdog I have an open support ticket which one of your engineers has been working with me on. Happy for you to use that if it cuts time debugging! Ticket is #44440

Ruth

I tried now with a new profile from an American site i.e. withou the “eu”: https://testestukune.auth0.com/authorize

I am stuck on the same problem! :worried:

1 Like

@RCheesley / @Serginho_Cintra / @blake - we are looking into this and will get with you as soon as we see what’s going on

1 Like

From the other thread:

oauth2 json user id path : sub
oauth2 json username path : nickname
oauth2 json name path : name
oauth2 json email path : email

Quite different from the identities.[].id posted above!

Yes - things have likely changed from post #1 in terms of required settings

1 Like

@riking see this post for why I had that.

1 Like

@RCheesley and @Serginho_Cintra

The key part that we were missing is that we need to specify a scope when we ask Auth0 for user info.

I’ll update the original post with the correct values you need.

And thanks @jerdog for the help :slight_smile:!

4 Likes

Fantastic, thanks so much for all the help guys, hugely appreciated!

Ruth

3 Likes

Sorry @charchar, I don’t understand how you overcame the “error message with no other options” problem.
I’m stopped just at this point…

Hello!

If the user is new to Discourse, then, after authentication, a window appears with the data of the new user. Is it possible to somehow create a Discourse user automatically, without showing this window? The user is already created on Auth0 …

It is not currently possible, but we hope to add it soon

2 Likes

Is the same situation with the discourse-saml plugin?

The SAML plugin creates the user automatically. We’re planning to make the same functionality available in other plugins.

3 Likes

Is there an update on this?

I’ve got a site that’s using oauth2-basic with auth0. It is the only auth method available and local logins are disabled. New users are not getting created on the Discourse side and logins fail silently, so there is no way to add new users. It’s not clear if this started at the beta9 upgrade or when we switched to oauth2-basic some weeks ago.

At this point, even having to click through a “create your account” screen would be totally fine.

EDIT: A theme component was keeping the new user modal from popping up. Still interested in skipping that step, though.

1 Like

It helps to know that setting logout redirect to https://SITENAME.auth0.com/v2/logout (or https://SITENAME.auth0.com/v2/logout?returnTo=SOME_URL_THAT_IS_IN_ALLOWED_LOGOUT_URLS') then logging out of Discourse will log out of auth0.

2 Likes

It is now available in ALL THE PLUGINS :tada:

7 Likes