was Moderators should not see emails in SSO section - #13 by techAPJ reverted? It seems moderators are able to see the payload (which contains the email) again.
I am not able to repro this on latest Discourse version.
Note that moderators will see the SSO payload but that payload will not contain external_email.
3 Likes
Is it possible to restrict visibility of the entire SSO section for mods?
Just updated to beta 3 and ran a test. Account only had moderator, last payload included the email even with the “moderators can see emails” option disabled.
email=
external_id=
name=
nonce=
username=
I noticed you mentioned external_email but on our payload its “email”, not “external_email”, maybe that’s why? Is that something we need to fix on our end?
To add on, I believe I used this post when creating our SSO process: Discourse SSO and API Helper for PHP. Uses “email” as one of the parameters, not “external_email”
Thoughts on the above? ^^
Are you talking about the /admin/users/{id}/{username} page or somewhere else?
1 Like
No, when the SSO record is created the external_email is saved as per:
In reference to:
email=
external_id=
name=
nonce=
username=
Where are you seeing this payload in Discourse? As you can see above the email is saved as external_email, name is saved as external_name, etc.
1 Like
Aha, I see that the payload is visible to moderators. I’ve hidden the SSO payload for moderators via:
https://github.com/discourse/discourse/commit/901d6080df6a62c8fbb4da697a9150fdd93211da
We’re also discussing if the payload should be behind a button click for Admins (like we do for emails).
Thanks for the excellent report @anon60302432, and for persistent follow-up. 
3 Likes