We have two Discourses set up, where one uses SSO against the other one.
However, we do not want to synchronize admin and moderator privs, but they are synced every time a user logs in on the SSO client forum.
sso_overrides_groups has been disabled. It does not seem to work for admin and moderator privileges, when I look at the code those are implemented separately (discourse/discourse_single_sign_on.rb at master · discourse/discourse · GitHub)
Is this by design, or is this a bug? Does anyone know a way around this?