Hey folks, we’re running hosted Discourse using only GitHub authentication. We’ve successfully added functionality to our own platform to delegate authentication to our system using OAuth2. Our goal is to switch from GitHub auth to OAuth2, and we hoped that users logging in using OAuth2 with the same email address that’s associated with an existing account would be logged into that account.
My testing in a self-hosted Discourse so far goes like this. I’ve got a few accounts with the same email address in both GitHub and in our external system:
1. I create an account in our test instance using GitHub authentication.
2. I sign out of that account in the test instance.
3. I attempt to log in using OAuth2 and an account in our system with the same email address.
For these accounts, when I perform step 3, I’m prompted to create a new account instead of being logged into the existing account, and if I try to complete that process I’m told the email already exists (as one would expect). Here’s a screenshot of one account combination:
The login attempt is on the right; on the left is the admin view of the corresponding account.
Oddly, with another account (the initial admin account) I can log in using GitHub or OAuth2 interchangeably without any difficulty.
What are the correct expectations for this functionality? Should these accounts be recognized as the same? Is there somewhere in the database that I can look to see why some accounts work as hoped and others do not? Is there a mechanism or configuration that I’m missing that will make this work as hoped? Any guidance appreciated!