Overview: Single Sign-On (SSO) / OAuth2 (is this chart correct?)

Yes, that’s pretty much it.

For reference here are exemplar login sequences without SSO - note that Discourse has to understand how to interface with each possible backend:

Here is an example with SSO - note that Discourse only communicates with a Single system - whatever happens behind that (username/password, oAuth2, fingerprints, RFID card, blood sample, retinal scanner) is of no concern to Discourse:

11 Likes