I have an existing Discourse forum with just over 100 users, and a Wordpress site with about 1150 users, some of whom will be the same people with the same email address.
I’d like to use the WP Discourse plug-in to connect the two, using WP as my SSO provider, but am not entirely clear on what happens to existing users.
Will existing WP users automatically get Discourse log-ins?
Will existing Discourse users automatically get WP log-ins?
What will happen to users who are already both on WP and Discourse?
Thanks for any clarity you can give me on what will happen!
For existing users on WordPress who do not yet have an account on Discourse, they will be able to login to Discourse without any issue.
For existing users on Discourse who do not yet have an account on WordPress, they will need to create a WordPress account so that they can login to Discourse with SSO. If they create a WordPress account using the same email address that they use on Discourse, they should be able to login to their existing Discourse account. If you are not using the default WordPress registration system, there will be a problem when users with existing Discourse accounts initially try to login from WordPress. If this is the case, there are a few ways it can be sorted out. For reference, if you are using the default WordPress registration system, registration will look something like this:
If this is not the way users are registering, the issue is that the WP Discourse plugin has no way of knowing that users email addresses are valid, so it sends a require_activation parameter with the SSO payload. When require_activation is set to true, Discourse will not match existing users by their email address.
Users who had accounts on both WordPress and Discourse prior to your having enabled the WP Discourse plugin will be able to login to Discourse via WordPress without issues. If they have used the same email address on WordPress and Discourse, they will be logged into their existing Discourse account. If they are using different email addresses on the two systems, a new Discourse account will be created based on the user’s WordPress email address.
I am using Memberpress for subscriptions, which I think users the usual WP registration system? At least, SSO worked fine on a new installation of Discourse.
Given it’s only about 100 people who are on Discourse but not WP, I think I’ll do the SSO and just email them to explain what’s happening.
I’m not sure about that. The WP Discourse plugin marks user’s email addresses as valid if they respond to the new user notification email that is sent by WordPress to a user when they first register on a site. A lot of plugins override this functionality. If you run into problems with existing Discourse users not being able to login after you enable SSO, post about it here and we’ll sort it out.
Ah, right, having tested it with my second test forum, it works fine if they do a normal subscription, but joining through Memberpress breaks it, as you suspected.
I have looked through the link you provided and have managed to fix the SSO error by following those instructions.
I think my only way forward is to fix broken log-ins as they come up. I have a feeling that quite a few of my existing users probably won’t come back anyway, as the forum’s been a bit dead for the last, um, 3 years.
I am going to attempt to work through a similar situation.
My current setup:
Registered users through WordPress (primarily through PaidMembershipsPro plugin)
Registered members through Discourse
Some overlap obviously, but not all. Currently users can use OAuth plugin to “login with WordPress”.
I want to switch to full OAuth and force everyone to use WordPress to login. What are the best steps for me to take? Anything that I need to be cautious about?
The key seems to be the Discourse users without a WordPress account, is that correct?
Just to be clear, are you using OAuth and not SSO? The issue that this topic is dealing with is with how existing Discourse accounts are dealt with when SSO is enabled from WordPress to Discourse.
For the case of OAuth, if it is the only login method available on your Discourse site, users will need to create an account on your OAuth provider site before they can login to Discourse. As long as people use the same email address to signup with your OAuth provider as they have used on Discourse, they shouldn’t have any trouble logging into their Discourse account. You would need to find some way of communicating to your existing Discourse users that they will need to create an account on WordPress.
What does your WordPress registration form look like? Is it similar to the screenshot that I posted above?
If it is, then you are using the default WordPress registration system. For this case, there shouldn’t be any problems for existing Discourse users logging into their Discourse accounts. If you’re not using the default WordPress registration process, then there will be some issues to sort out for users who created their Discourse accounts prior to SSO being enabled.
I will have to expose a registration page because currently users sign up by subscribing to a membership on the site with a form that takes their email, etc. I will have to add a way to register without a subscription for users who have legacy discourse accounts.
Will I have to worry about current WP users if they signed up using a non-traditional (via Paid Memberships Pro plugin) registration?
PMP uses WordPress user accounts, there’s no problem there. Any users created via the PMP process will be accessible to Discourse SSO via WP-Discourse.
Did you already find the code sample which allows PMP memberships to be reflected in Discourse groups?
Users who created their WordPress accounts prior to enabling SSO with WP Discourse will be considered to have valid email addresses. The only issue with using non-default registration systems once SSO has been enabled is that user’s email addresses will be marked as invalid. The plugin supplies a hook that you can use to validate your user’s email addresses. Using the hook requires adding a few lines of code to your site. There are details about how to use it here: How to turn off Discourse email verification?.
Dylan: Sorry, this is a bit of a tangent, but how do you find Paid Memberships Pro? I bought Memberpress (they don’t do a free or trial version) and whilst it’s functional, it is a bit clunky. I’d love to hear your experience of Paid Memberships Pro!
I’m not Dylan, but I have six clients running PMP between their sites/communities.
It’s proven very effective for them, allowing them to extend their on-site offerings into the community with relative ease.
There have been a few issues with membership based pricing and discounts being reflected when used with WooCommerce, but their support guys have worked pretty hard to resolve, in some cases going to far as writing custom code.
Oh, that’s good to know. I’ve no plans to use WooCommerce, so I guess the key thing is whether it’s possible to have the memberships connected to Discourse groups. My developer has connected the memberships in Memberpress to automatically attach a user to the Members Group in Discourse, so that I can provide access to a private set of categories. I assume the same thing will be possible with PMP.
I’ve honestly looked at about a dozen membership solutions, from $15k per annum hosted solutions through to free plug-ins, and I’d honestly hoped I was past this bit of the project. But before launch would be the time to change my mind if I’m going to…
If you want any assistance you can always ask here.
I look after a number of private communities and have seen pretty much every permutation of CMS, SSO and membership product over the past five years. A number of us can assist on your overall architecture if you’re interested in a more formal engagement via the #marketplace.
