So, I was wondering if this is something that could potentially be done - with how my community is set up, I do not want users being able to disassociate their Discord or Steam social login accounts. I was able to tweak the Steam login (nobody can unlink, even staff) since it is an external plugin, but I’m not sure if there’s a way to modify the Discord one since it is bundled with Discourse now. Is there some way to change it so the unlink social account button only is visible/works for staff? Only in rare circumstances would I ever want accounts to be disassociated e.g. the user linked the wrong account, but in order to facilitate rank synchronization with my Discord, it seems weird if they can just unlink by their own accord. I don’t think a plugin would work in this instance, but I may be wrong - I just don’t really know how a feature like this would get added.
You could hide it with CSS. I’d imagine that taking away their ability to decide whether to share those credentials with you is a violation of the terms of service, but perhaps my imagination is too wild.
Yeah, good point about the Terms of Service part, I didn’t even think about that. I know on Discord you can always revoke access there. I’ll have to give that a read now that you mention it. I mainly don’t want a user unlinking because I use their IDs for rank and ban synchronization. Them being able to disassociate it would just make it a bit more tedious to ban them and could let a user potentially synchronize their ranks on multiple Discord accounts. I have the Steam portion synchronize on each login, so no issues there.
EDIT: Yeah, so I read through the Discord developer documentation and there’s nothing that jumped out at me. So, I think it is fine to proceed. A user can always sever the tie with the app at any moment though through Discord, but I’m not sure if that unlinks it on Discourse or what exactly.
Hmm, so after more digging, I don’t think that this would be possible without changes to Discourse and adding some additional settings to the core project or by use of my own Discord social provider (which may not be ideal as there’s one built-in.)
I’m not sure if this is ever something that would be supported or added by the Discourse team, but I think I’ll just have to make an external system for my use and will just use Discourse SSO to associate a link between the Discourse and the other system. For my intents and purposes, I will only use Discourse social logins for logging into Discourse and nothing more because of this limitation. Instead of having all account linking and association done through the user’s Discourse profile, I think I’ll just need to use the different aforementioned tool which I’m already using for verifying things which aren’t possible via OAuth or similar.
Not going to mark this as a solution since it’s not really a direct solution to my original question, and instead is a solution to my particular use-case.
Another solution might be to put the ID in a user custom field and update it via the API. Or have a plugin do that when they login. (I didn’t read the whole topic carefully).