If someone changes their email in WordPress, change it in Discourse - sso_sync

(Leah Kramer) #1

Howdy all. I’ve spent a couple hours reading threads and trying to get this work with no luck.

Basically we just want that if someone changes their email in WordPress, it gets changed in Discourse.

I think I can use the sso_sync api call but I can’t seem to figure out how to use it. Can anyone help with a php code example? (I use other discourse api calls successfully. Just can’t figure out how to use this one.)


WP / MemberMouse / Discourse Integration Guide
(Leah Kramer) #2

I should add that I know the email change will happen when the user next logs in to discourse, but we need to instantaneously change it when they change it in WordPress.

(Simon Cossar) #3

This is working to sync SSO records when I run it in my development environment. I’m testing this inside of a class in the wp-discourse plugin. $this->options[] is from wp-discourse. You could just hard-code the values. I’ll look at it some more tomorrow.

Class DiscourseSSO {
    // Add the action hook
    public function __construct() {
        add_action( 'profile_update', array( $this, 'sync_sso' ), 10, 2 );

    public function sync_sso( $user_id, $old_data ) {
        $user = get_user_by( 'id', $user_id );

        if ( $user->user_email !== $old_data->user_email ) {
            $url          = $this->options['url'] . '/admin/users/sync_sso';
            $api_key      = $this->options['api-key'];
            $api_username = $this->options['publish-username'];
            $sso_secret = $this->options['sso-secret'];
            $params = array(
                'username'    => $user->user_login,
                'email'       => $user->user_email,
                'external_id' => $user_id,

            // base64 encode the SSO params.
            $sso_user = base64_encode( http_build_query( $params ) );
            // Create the signature for Discourse to match against the payload.
            $sig      = hash_hmac( 'sha256', $sso_user, $sso_secret );

            $response = wp_remote_post( esc_url_raw( $url ), array(
                'body'   => array(
                    'sso' => $sso_user,
                    'sig' => $sig,
                    'api_key' => $api_key,
                    'api_username' => $api_username,
            ) );

            $response = json_decode( wp_remote_retrieve_body( $response ) );

            // Do something with the response.

Programmatically adding users when SSO is being used
(Leah Kramer) #4

Thanks @Simon_Cossar. Finally got a minute to try this and it works great!

(André) #5

Hey Leah - would love to understand how you managed to connect MemberMouse up to Discourse (allow signups to a specific MM bundle; and disable a users account if they don’t renew a yearly subscription).

Mind if I pick your brain?

(Leah Kramer) #6

Hi André. I’d be happy to write up all the things I did to connect WordPress and MemberMouse. I’ll do it in a separate thread here for any other MemberMouse users. Might take me a week to get to it though.

(Leah Kramer) #7

OK @andrec, I wrote some MemberMouse stuff up here. I didn’t include very much actual code but feel free to ask me if you get stuck on any specific part of things.

(André) #8

@lkramer - you rock, thx a ton!