Is "partial" SSO possible?

I’m not a developer, so I don’t even know what to search to find the answer to my question. I’m currently trialing Discourse right now and how users log in have been on my mind a lot.

At the start of my trial I was convinced SSO was the way I would go once my trial was over, but now I’m not so sure. It seems like I’d lose some nice Discourse features if I enabled SSO (like the invite features) and I don’t know if there advantage in my case is worth it.

Is it possible to have my forum use both the built in Discourse accounts AND my site’s account? Similar to how you can set up “or Log in with Facebook/Google/Apple” options?

You know how when a user tries to log in/create an account they’re presented with the email/password fields, but on the right of that it gives them options to log in with Facebook, Google, etc? Could I simply have my site’s account be one of these options on the right?

So if a user just wants to use my main site’s login and not create a new account specifically for the forum they could, but they wouldn’t be required for it.

Is this possible? And is this advisable? As in, are there any reasons why I shouldn’t go this route? Thanks!

It depends on what you mean by “SSO”. If you’re talking about DiscourseConnect - Official Single-Sign-On for Discourse (sso), then you cannot use it alongside other login options.

If you’re talking about OAuth2, OpenID Connect, or any of our other authentication plugins, then yes they can be used alongside each other, and alongside email/password login.

Good news on that front - we’ve recently added invite support for DiscourseConnect

And for other login methods:

These changes are live in the latest version of Discourse

3 Likes

You can do that by implementing oauth2 on your server so that it could function like Google and github and friends. (Or having someone do that, since you’re not a developer.)

2 Likes

Thanks! Could you link me to documentation about that please?

Those two plugins can be found at:

4 Likes