SSO and multiple discourse apps

I went through some of the topics here about SSO and multiple discourse instances, but I still have a question.

I want to have two discourse forums on the same domain. They have different objectives, and it doesn’t make sense to use one discourse forum for both of them. However, a significant amount of the users might want to comment on both of these forums. Ideally, signing up to either one of them should exempt the user from having to sign up to the second one as well, and the authentication key should be shared between these instances. I couldn’t figure out if this is possible.

You need to choose either one of those or a third instance to be the server for all of them.

1 Like
  1. One of the instances needs to be the SSO server for the other(s)?
  2. Would the significance of this be that the Discord users are saved only in the instance that acts as the SSO server, and provide authentication for the other Discourse instance(s)?
  3. How would the login flows be in the server instance and the other instance?

Sorry for all these questions =/ Thanks for helping me understand this!

That first S in SSO stands for single. One server is the the source of truth for all of the clients. There is no way to “use this local log in unless there isn’t one and then go try go log in somewhere else.”

I don’t quite understand, but I think so.

When a user logs in to a site where something else is the SSO server, they are redirected there and log in there and then, if things are configured correctly, get transparently redirected back to the site where they started.

If a third site were the SSO server, then the login flow would be the same on all sites, as they’d all be redirected to the SSO server.

2 Likes