By using Discourse as SSO provider via the API (domain A), if you try to register on Discourse (domain B) with a social button, you don’t see immediately the
create-account modal, but instead you are back to the
At this point, you need to close the
login modal, then you click on
Sign Up button and you see the
create-account modal you were supposed to see before.
Here a short video demo:
- Edge, with cache/cookies cleaned and no extensions.
- Using WP-Discourse set up to use Discourse as SSO provider (fastest way to show the issue)
What you see first is I’m clicking on the WP-Discourse SSO login link.
After clicking on the Facebook button, i’m redirected to the login
modal instead of
We are using different domains for Discourse and from where the API is called.
To make sure issue is not from plugins/whatever, that’s something I was able to reproduce with a clean Wordpress (with WP-Discourse set up to use Discourse as SSO provider) and a clean Discourse. Both on different domains.
(Note: this not related to wp-discourse, this is just easier to show/test the issue. We can also reproduce it with our app which consumes the Discourse API and as SSO provider as well).
- Discourse security settings disabled (not sure if has an effect, CSP disabled, same cookies to None or Disabled).
- Discourse up to date
- No issue with logging in with SSO
- Nothing in the browser console or Discourse logs
- If you experience the issue once with the SSO API, and you try to Social Sign Up directly on discourse, you will get the same issue. At this point, you need to clear your cookies/cache to make it work. (same issue reported here: Suggestion: unite the sign up & log in buttons)
Since Discourse is able to show the expected
create-modal with pre-filled fields after you click manually on
Sign Up, it makes me think there is a bug or a situation that Discourse could handle, am I wrong?
Is there something can be done to fix this behavior? Do we miss something?