Most profile fields can already be specified during the SSO process which is super-useful. From username to name, to bio, and even website was added last year. But, there’s some still minor quirks:
location seems to be missing — from a cursory look, seems to be the only obvious field that isn’t possible to change using SSO.
website can be specified during SSO, but unlike most (all?) other SSO profile fields, it doesn’t have a corresponding site setting to allow overriding the local value and prevent user from changing it.
I’m guessing these were just overlooked as the code base grew over time, as I can’t think of a reason for these exceptions. Unfortunately my Ruby and Discourse knowledge isn’t enough to submit a PR, but I wanted to report it — perhaps someone has the technical chops to do it.
I have implemented the changes to make the two items above work. Would be happy to contribute it back to Discourse, but I don’t know if this something that there’s interest in having upstream? /cc @sam
Let me know before I jump through the hoops to submit the PR. The code works but may need some revision/changes as I’m new to Discourse.
Go ahead and get the PR started so you can go through the CLA process, but:
This doesn’t really feel valuable to bother with - other fields on that page like the user card background image aren’t going to be available in SSO platforms, so there’s no consistency advantage to adding a lockdown to website.
Sorry, not sure I understood what you meant there. I agree that card background has limited use on SSO (even though that is already implemented). website is an already implemented SSO field too — I have only added a sso_overrides_website setting, like the ones that already exists for username, avatar, bio etc so that it’s possible to not allow local changes and the SSO value to take precedence.