How to use Auth0 with the OAuth2 Basic Plugin

@jerdog I have an open support ticket which one of your engineers has been working with me on. Happy for you to use that if it cuts time debugging! Ticket is #44440

Ruth

I tried now with a new profile from an American site i.e. withou the “eu”: https://testestukune.auth0.com/authorize

I am stuck on the same problem! :worried:

1 Like

@RCheesley / @Serginho_Cintra / @blake - we are looking into this and will get with you as soon as we see what’s going on

1 Like

From the other thread:

oauth2 json user id path : sub
oauth2 json username path : nickname
oauth2 json name path : name
oauth2 json email path : email

Quite different from the identities.[].id posted above!

Yes - things have likely changed from post #1 in terms of required settings

1 Like

@riking see this post for why I had that.

1 Like

@RCheesley and @Serginho_Cintra

The key part that we were missing is that we need to specify a scope when we ask Auth0 for user info.

I’ll update the original post with the correct values you need.

And thanks @jerdog for the help :slight_smile:!

4 Likes

Fantastic, thanks so much for all the help guys, hugely appreciated!

Ruth

3 Likes

Sorry @charchar, I don’t understand how you overcame the “error message with no other options” problem.
I’m stopped just at this point…

Hello!

If the user is new to Discourse, then, after authentication, a window appears with the data of the new user. Is it possible to somehow create a Discourse user automatically, without showing this window? The user is already created on Auth0 …

It is not currently possible, but we hope to add it soon

https://meta.discourse.org/t/openid-connect-authentication-plugin/103632/56?u=david

2 Likes

Is the same situation with the discourse-saml plugin?

The SAML plugin creates the user automatically. We’re planning to make the same functionality available in other plugins.

3 Likes

Is there an update on this?

I’ve got a site that’s using oauth2-basic with auth0. It is the only auth method available and local logins are disabled. New users are not getting created on the Discourse side and logins fail silently, so there is no way to add new users. It’s not clear if this started at the beta9 upgrade or when we switched to oauth2-basic some weeks ago.

At this point, even having to click through a “create your account” screen would be totally fine.

EDIT: A theme component was keeping the new user modal from popping up. Still interested in skipping that step, though.

1 Like

It helps to know that setting logout redirect to https://SITENAME.auth0.com/v2/logout (or https://SITENAME.auth0.com/v2/logout?returnTo=SOME_URL_THAT_IS_IN_ALLOWED_LOGOUT_URLS') then logging out of Discourse will log out of auth0.

5 Likes

It is now available in ALL THE PLUGINS :tada:

7 Likes

Was able to follow the guide to setup SSO using Auth0 and everything works fine. Just that, when the avatar_url is updated in auth0 , it doesn’t get updated on the discourse side. I have tried login and logout for both admin and regular accounts. Just to be clear, the avatar is set correctly at signup, but isn’t updated later on discourse. I can see the debug output in the logs and the user_json does have the updated avatar_url

1 Like

@blake can you please tell me if this is a known issue or if I need to correct anything in my setup?

I ended up disabling the oauth2_basic plugin and followed the sso flow using Auth0 rules as described here: https://blog.leog.me/discourse-sso-with-auth0-e49486d0294a

One change I did was to store the sso_secret in the rules config rather than in application’s metadata

Also include the client_id
https://auth0.com/docs/logout/redirect-users-after-logout