Hi… I’ve searched / browsed this forum but couldn’t find a simple explanation. Is multisite a feature where you want multiple separate sites but on the same server?
What I’m really looking for / wondering is if you can set up multiple forums on the same server, that share the same user database? Sorry if this has already been asked.
To share the userbase, simply have one of the forums be the sso provider and have the other forums be an sso consumer.
Note that this is visible to the user: When they want to log in, they always go to the same site. This could be confusing, depending on the use case. If you want to avoid that, you need to set up an external SSO provider.
Also note that this will share the credentials, but not the user profiles, group memberships, …
Profile stuff can be handled in the payload.
Related:
https://meta.discourse.org/t/can-multisite-instances-communicate-with-one-another/8984?u=erlend_sh
Are there any newer/better approaches to this since the last post? This is something we want to do as well.
We definitely want to share user profiles so that badges (for example) only have to be earned once overall, not once per site.
Using discourse in multiple sites with shared accounts? suggests that just SSO will do the trick but Multiple sites with the same user accounts? suggests that using SSO just takes care of the authentication (credentials) but nothing else.
If you want shared badges, like using the sum for each site to get a badge, you gotta use a single forum and categories to separate stuff.
So, what is the best way to handle this? Do you set up a central, master site, and embed Discourse links on other sites (so that their conversational posts are essentially stored/“on” a central site)?
“Best” is relative if you don’t state your capabilities.
The easiest is exactly what is said in the post above yours, use a single instance.
If you have the engineering capabilities, or the equivalent in budget, you can have multiple instances sharing a single SSO, and a companion application that queries all the sister Discourse instances for data and awards users a badge in each instance via API calls.
so essentially a SSO profile sync plugin. is there anything like this out there that you’re aware of? anyone happen to be already working on something like this? i’m interested as well.
i’ve read that alternate logins such as Facebook are lost when SSO is used. is that still the case today? the central Discourse wouldn’t have those alternate logins either? why is that?
You could have one Discourse set up as the primary and others set up to have the primary site as their sso server. In that case the primary discourse could use social logins, but those that were using it as their sso server would redirect all of their logins to the primary server.
If you use sso, then it’s the only authentication method you can use. If you want to optimally delegate to another server, you have to use oauth2.
what happens when a user from a slave Discourse attempts to login? they are redirected to master Discourse account creation, which includes whatever social media logins i want, and then redirected back to slave Discourse and asked to login with what credentials if they used a social media login such as Facebook after account creation is successful? long question sorry, i can try to rephrase if it doesn’t make sense… basically, a Discourse network that relies on master Discourse and master Discourse allows social media logins - are the slave Discourses then using local authentication stored on the master Discourse or are they still using for example Facebook authentication? seems like it would be confusing for local password managers.
tldr; i want my master & slaves to allow social media logins
Client redirects to primary discourse. It does authentication. That’s where users log in. It can use social.
Client discourse sites don’t know whether the user used social when they logged in (at least I don’t think so).
so when a guest logs in on slave he is redirected to master where he logs in with social then redirected back to slave logged in?