Trying to setup a private group which allows new invited users to join with external providers, and I’m using Google OAuth2 as my starting point. I have the invite link created and the Google oauth2 project setup. When clicking the invite link I’m getting the create local account dialog, however this is not show a Google account option. If I click the “Log in” link, the login dialog does show a Sign in with Google option, but because the user is not already registered with the site, this does not work. How do I get the Google oauth option to appear on the invitation? Thanks heaps!
Just to confirm, is it correct that you have configured Google logins for your site, and have the invite only and enable local logins settings enabled?
If so, I’m wondering if you would get the behavior you’re looking for by disabling the enable local logins setting. Before testing that, note that if I works like I think it will, it would force all invited users who have previously set a password on the site to login via Google.
I seem to remember the logic for how invites work with OAuth2 auth providers having changed a few times. It’s been a while since I looked at it. If no one else knows what the expected behaviour is, I think I can test it out on my local dev site, but might not get to it until tomorrow.
Here is my portion of that form. Note that the invite only checkmark is missing. I cannot find this setting anywhere, now. I ultimately want invite only, but I can’t even change it to experiment at the moment.
The site is enforcing invite only, and I recall setting that when I created the site. I just cannot find that setting now that the site is created. I can try turning off local logins just to see what that would do. I’m going to want that feature back however. The idea is invite only going out to new users who can choose to create a local account or link google/etc. as they choose.
This is on the latest version of Discourse; the site was created this afternoon.
Are you on the Basic hosting tier? There is no public access with that level. If you are self-hosted, or otherwise, I am not sure why those settings would not be there.
1 Like
That totally makes sense! Thanks so much.
Yes, this is on the 14-day trial. I am actually not looking for public access, even once I’m on a paid subscription. I believe the Basic tier should support what I am looking for, however.
Maybe hold off on that. I don’t want to suggest anything that could cause you to lock yourself out of the site. I’ll test it out and let you know what I find.
1 Like
/u/admin-login should get you back in even if local logins are off.
2 Likes
I just tested this and found what I was expecting. When enable local logins is disabled, clicking the invite link displays a “Sign in with Google” modal:
When enable local logins is enabled, the username/password modal is shown:
The text on the signup modal lets users know that they’ll be able to login with any social logins using their email address. I think users will understand this to mean that they’ll be able to sign in with Google the next time they login to the site.
With the username/password signup, users are logged directly into the site when they click the “Accept Invitation” button, so the only friction I can see is that they are forced to enter a password before they can initially access the site.
I don’t think there is any way to get the “Sign in with Google” button to display on the invite modal if local logins are enabled.
1 Like
Well, that is disappointing. Obviating the need for Yet Another Useless Password is the entire point of authentication services like this in the first place.
I was hoping to offer my users a choice of authenticating with Google, FB, Discord, etc. just so they didn’t have to create another account to track. Even if, as it seems here, they don’t have to use that password again. Wow.
@simon, thanks very much for the time you put into testing this! Sorry to be sour about the result.
2 Likes
Invites work only with local log in. The other thing you might try is allow people to join without am invite, but require approval for creating accounts.
I have successfully tested the invite link with local logins disabled, and it prompted me for a Google account just fine. So that actually appears to work. I’m only interested in Basic Hosting, so I have no choice but to use private, invite-only logins anyway.
1 Like
This has changed a few times. Invites now work with OAuth2 login providers. I think they work with DiscourseConnect too. I wasn’t sure about this, so tested it yesterday.
1 Like
Right. But if local logins are enabled you have to set a password, which Kurtis found frustrating.
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.