Two Discourses with SSO: avoid admin/moderator sync

(Richard - DiscourseHosting.com) #1

We have two Discourses set up, where one uses SSO against the other one.
However, we do not want to synchronize admin and moderator privs, but they are synced every time a user logs in on the SSO client forum.

sso_overrides_groups has been disabled. It does not seem to work for admin and moderator privileges, when I look at the code those are implemented separately (discourse/discourse_single_sign_on.rb at master · discourse/discourse · GitHub)

Is this by design, or is this a bug? Does anyone know a way around this?

2 Likes

(Jeff Atwood) #2

Any thoughts on this @sam?

1 Like

(Sam Saffron) #3

We are going to need 2 extra site settings here:

sso_provider_include_groups
sso_provider_include_staff_flags

I think the default is correct though.

3 Likes