One-Way SSO between 2 Discourse sites


(Rod James) #1

Here’s my scenario:

Site1 - Private, Invite Only.

Site2 - Public, Facebook, Twitter auth.

I would like to have all my users from Site1 be able to log in and post on Site2, but not the other way around. What’s the most logical way to achieve this?


(Allen - Watchman Monitoring) #2

Only one discourse, where you have a private group?


(Rod James) #3

Both sites are discourse. One is private and one is public. I would like the private site users to be able to sso into the public site, but I would not like the public users to sso into the private site.


(Allen - Watchman Monitoring) #4

Sorry, I wasn’t clear… I was suggesting that you use only one discourse at all.

This way, there’s only one set of credentials, and people who are allowed into a given group (or groups) can see the protected content (one or more categories)

Not the answer you were looking for (I haven’t see Discourse as an SSO provider yet, though it’s discussed here on meta) but this solution would be a lot less work on the admin side of things.


(Rod James) #5

I would love to, but the clients of the private site don’t want the info they share on the public site at all. It’s an Intranet site vs a Public facing Internet site.


(Sam Saffron) #6

Say we added a “log in with sso” button, trouble is it would confuse users that are not part of the private side of things.

Practically, a plugin could create a “sign in via sso” hidden page that you redirect to from Site1, there is a bit of work involved.

Nothing exists out of the box to solve your issue, why not just make them sign up again on the public site?


(Rod James) #7

That’s my easiest course of action yes.

“just make them sign up again on the public site”