I am trying to achieve SSO for the following scenario.
My application authenticates users agains auth0. Once authenticated, whenever the user visits the discourse page, I expect the user to be logged in silently without having to re-enter credentials (using the credentials from the initial login to my application).
Has anyone tackled this scenario?
Currently i have an Auth0 rule that upon authentication re-directs to discourse via the /sso/ path, passing the sso credentials from Auth0. This logs the user in, or creates the discourse account and then logs user in for a new discourse user.
But I want to achieve this without the Auth0 redirect so the experience to the user is seamless and he/she is already logged in when deciding to visit the discourse page.
Any assistance would be appreciated.
The same issue has been raised here, but there was no solutions proposed: