Resetting or Destroying Single Sign On Records

We have recently transitioned our main website from an old Django backed website to a new WordPress based website. We have migrated users, and are trying to switch the SSO provider from our old platform to our new one. Is there a fast/easy way to delete old single sign on records so that the new WordPress platform can re-sync users with their existing Discourse accounts?

1 Like

There is a method called SingleSignOnRecord.destroy_all. I’m pretty sure that running it inside a rails console (/var/discourse/launcher enter app, rails c) will either do what you want… or hose your site.

If you’re adventurous, take a backup and try it, or wait for someone with more knowledge of this system to answer :wink:

4 Likes

For reference, this topic relates to this WP Discourse GitHub issue: https://github.com/discourse/wp-discourse/issues/279.

I’ve tried out @fefrei’s approach in my development environment (with 10 users) and it worked there without any problems.

4 Likes

Thanks @fefrei and @simon – I can verify that it did work, and did not hose the site at all.

2 Likes

This sounds fishy – “It did not completely hose the site even a little bit!” :laughing:

Thanks for reporting back! :slight_smile:

I’d like to understand why deleting all SSO records would work.

Is it that doing so forces accounts to be matched again on email address, thus matching people again with their rightful Discourse accounts from the new SSO providor?

(In my context, the current SSO providor is a custom PHP app, and we’re migrating our entire membership platform to run on Wordpress.)

1 Like

Correct. In the absence of an SSO record matching the external ID, Discourse matches by email and creates a new SSO record :slight_smile:

(If there is no matching account by mail, too, a new account and SSO record is created.)