Is there a "log_in" SSO API endpoint?

According to this post, logging out from an SSO session is as easy as sending a POST request to /admin/users/{USER_ID}/log_out, which I managed to get working fairly easily. My question is, is there an equivalent for logging a user in? I tried /session/sso, but ended up getting a 401 error.

You can’t set cookies for another domain from the server, so that wouldn’t work :stuck_out_tongue:

Try giving the user a page with this on it:

<embed src="https://discourse.example.com/session/sso" onload="window.location='/login_finished'" width=0 height=0>
<div style="display:flex;justify-content:center;align-items:center">
  <div class="loading-spinner">
  <h1>Please wait, logging you into Discourse...</h1>
  <aside><a href="/login_finished">Click here if you don't want to wait</a></aside>
</div>
2 Likes