I’ve got SSO set up and working with my website. I’m now wondering if it’s possible to log in a user to Discourse automatically, via the API, when someone logs into the website?
This is good so that users do not have to click Log In when they visit Discourse if they’re already logged into the website.
Thanks, I didn’t realise about the route. But that’s not exactly what I’m trying to do, I want to log them in, in the background without them realising and without redirects. Is this possible?
Take New Relic for example - https://discuss.newrelic.com/ - Say you’re logged out of Discourse - if you then log into the Support Centre section (not part of Discourse) you’re automatically logged into Discourse, without having to visit https://discuss.newrelic.com/session/sso.
I don’t notice any redirects going on after login, but I doubt that they would redirect to every system requiring SSO after a user logs in. I can log into any part of New Relic’s website and Discourse is logged in automatically.
@rasheedamir I have not implemented anything, it’s not yet a priority so decided to put it in the back seat. If you do find a clean solution in your search I would very much appreciate if you could let me know how you did it.
So I am trying the following:
Client logs into my app via Auth0 authentication.
On successful authentication, an Auth0 rule kicks in and makes a callback to a page in my app which has a hidden iframe. This hidden iframe simply does a login to Discourse, so when the client clicks on the forum link he will already be logged in.
I am encountering a problem with the payload that is being sent to the Discourse SSO URL.
The “nonce” is invalid/timed out.
Since the login is not being initiated via Discourse, I am generating a nonce in my Auth0 rule and sending that back as part of the payload to the Discourse SSO URL.
I’m unclear on how the nonce works so would appreciate some assistance. Is there a way to disable the nonce check in Discourse? If not, what do I need to do to get this to work?
I imagine Discourse is rejecting the SSO login attempt because the nonce it received is one that it did not send in the first place.
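The nonce round trip asked about above, as an added example that is not part of the original thread and is not Discourse's own code: a simplified Node.js model in which the forum side mints and remembers the nonce, the provider echoes it back in a signed payload, and the forum accepts it once. The secret, the `forum.example` URL, the function names and the 10-minute lifetime are assumptions made for this model.

```javascript
// Added illustration: simplified model of the SSO nonce round trip (not Discourse source).
const { createHmac, randomBytes, timingSafeEqual } = require('node:crypto');

const SECRET = 'constructed-shared-secret';  // constructed sample value
const NONCE_TTL_MS = 10 * 60 * 1000;         // lifetime assumed for this model
const issued = new Map();                    // forum side: nonce -> expiry timestamp

const b64 = (s) => Buffer.from(s).toString('base64');
const unb64 = (s) => new URLSearchParams(Buffer.from(s, 'base64').toString());
const sign = (payload) => createHmac('sha256', SECRET).update(payload).digest('hex');
const sigOk = (payload, sig) => {
  const a = Buffer.from(sign(payload)), b = Buffer.from(String(sig));
  return a.length === b.length && timingSafeEqual(a, b);  // constant-time compare
};

// Forum side: a login starts here. The nonce is minted and stored by the forum.
function forumStartLogin(now = Date.now()) {
  const nonce = randomBytes(16).toString('hex');
  issued.set(nonce, now + NONCE_TTL_MS);
  const sso = b64(new URLSearchParams({
    nonce, return_sso_url: 'https://forum.example/session/sso_login',  // constructed URL
  }).toString());
  return { sso, sig: sign(sso) };
}

// Provider side (your site): verify the request, then echo the same nonce with user data.
function providerRespond({ sso, sig }, user) {
  if (!sigOk(sso, sig)) throw new Error('bad request signature');
  const nonce = unb64(sso).get('nonce');
  const out = b64(new URLSearchParams({ nonce, email: user.email, external_id: user.id }).toString());
  return { sso: out, sig: sign(out) };
}

// Forum side: accept only a correctly signed reply that carries a nonce it issued.
function forumFinishLogin({ sso, sig }, now = Date.now()) {
  if (!sigOk(sso, sig)) return 'rejected: bad signature';
  const params = unb64(sso);
  const nonce = params.get('nonce');
  const expiry = issued.get(nonce);
  if (expiry === undefined) return 'rejected: unknown nonce';
  issued.delete(nonce);                      // single use: a replayed reply fails
  if (now > expiry) return 'rejected: expired nonce';
  return `logged in: ${params.get('external_id')}`;
}
```

In this model a payload whose nonce was generated on the provider side is correctly signed but still rejected as unknown, because the check is against the forum's own store of issued nonces rather than against the signature alone.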