I’m back to thinking about this and would appreciate guidance.
We are considering opening up discourse for a community that already has WordPress logins but don’t necessarily want to set up SSO and lose all the great benefits of social logins, invites, spam user checking etc in discourse. Many people (myself included) use a different email addresses for the WordPress site than we do for our other logins around the web including Facebook, Twitter, Google+ etc.
So far we’ve been able to tightly control the discourse user accounts, because they are all staff, but once we open up discourse for public logins to our wider community and invite folks to start logging in, we will start getting a divergence between the email addresses people use in wordpress and in discourse. This will bring difficulties with communicating with folks (sending them multiple copies of our newsletters etc) as well as generally with having insight into our community and who’s signing in and participating actively.
So I have returned to thinking that it would be very useful to allow people to add one or more backup email addresses in a comma separated list, or to be able to add it for them. And they can then log in via whatever method or email address they desire and still be able to get in and be identified as the same user, and as long as one of them matches with their WordPress account then we’re golden! The code we write to connect the accounts and pull user info and activity would look for a match across all the user’s email addresses.
One address would of course still need to be established as the primary email that they use to get notifications form Discourse.