"sso overrides email" prevents API from changing email

(Adam Capriola) #1

I’m working on getting my SSO implementation tightened up, so I’m enabling sso overrides email, username, and name. I have things set up so that if a user changes their name on the other part of my site, the Discourse API will be called and their name will be updated (to keep everything in sync).

However, this doesn’t work for the email I think because the email change option is on a separate page: /users/[username]/preferences/email as opposed to /users/[username]/preferences. I get a 403 Forbidden when I PUT the data.

It seems weird that the name can be changed with the override setting on, but not the email.

Synchronizing Changes for SSO users
WordPress SSO Page Template
(Sam Saffron) #2

Yeah, we should be consistent here. Not sure which direction thought.

(CJ) #3

Were you able to disable users from changing their emails using SSO?

(Adam Capriola) #4

Uhh, I wanted to let users change their email but I aimed to do it primarily through API rather than SSO so I could keep it synced better.

I ended up disabling sso overrides email and hiding the email change field in their preferences with CSS (not a perfect solution but it’s good enough).

(Kane York) #5

You can update emails when sso overrides email is enabled by performing a sync_sso.

(Kane York) #6