Set up so that only G-Suite account holders have access?

Is there a way to set up Discourse so that users of the organisation’s G-Suite have automatic basic access?

Or at least can create their own account.

And that if the G-suite membership is revoked so is the access to Discourse?

1 Like

Yes this is quite straightforward:

  • Set your site to require registration to see content using - login required
  • Set up google authentication
  • Add your gsuite domain to the email domains whitelist which will require registrants to use an email address from that domain

You can whitelist more than one domain if necessary.

6 Likes

I think you can achieve the first part by using a group that is set up to add members who register with a specified domain.

image

i don’t think this will be possible.

I did this in the past using the steps outlined by @Stephen plus one extra: disable login by email address and password. (I can’t remember the exact setting name off the top of my head).

We also changed a setting to help deactivate accounts more quickly when someone leaves the org (not perfect, but gets close):

1 Like

It’s called enable local logins. It’s not strictly necessary if you’re using a domain whitelist and gives you some fallback when Google has a hiccup. The Google login button also disappears with certain Adblock and content blockers.

I’ve worked with a couple of communities who started with that setting disabled until either of the above caused complaints.

1 Like

If you’re only using Google logins then access is terminated when the Google session ends. You can reduce the default session length to narrow the window but all users will be asked to re-authenticate more frequently.

2 Likes

The reason we disabled it was to achieve this (emphasis mine):