Use OAuth Plugin for Auth0 more seamlessly

I am currently trying to bring Auth0 authentication to my Discourse app. I essentially followed the workflow here and I get things running.

However, I am not quite happy with it for several reasons:

  1. After clicking on sign in/up, there is only a button "with Auth0’. I want there Auth0 login/sign up panel the only thing that shows up after clicking sign in/up at the top of the Discourse page.
  2. After authentication with Auth0, people should not have to create a new user, instead it should all be fine because of Auth0.
  3. E-mail authentication should be or should have been handled via Auth0, not via Discourse.
  4. If you already have logged in via Auth0 in that browser, possibly with the same app from Auth0, in another module of our platform, then you should be automatically logged in.
  5. There should still be the possibility to login as the admin user, as this might turn out to be more challenging after implementing point no. 1.

Could you help me to setup everything or at least parts of it?

I believe you can check this setting in discourse auth_overrides_email for this.

And you can use this sight setting for this: auth_skip_create_confirm

When signing up via external auth, skip the create account popup. Best used alongside auth_overrides_email, auth_overrides_username and auth_overrides_name.

There is also the auth_immediately setting which might do what you are after as well:

Automatically redirect to the external login system without user interaction. This only takes effect when login_required is true, and there is only one external authentication method

You can visit /u/admin-login to bypass oauth.

2 Likes

Many thanks for your input, @blake :slight_smile:

Do you also have some input for the points 1 and 4 or are these more difficult?

I think these settings auth_immediatley and auth_skip_create_confirm will address points 1 and 4. Can you enable them and see if it improves things?

@blake Many thanks for your input.

I did everything as outlined in the setup page plus your suggestions. However, when I try to login this appears

Whereas at https://community.auth0.com/ this is what shows for trying to login (and is intended for my site as well)

Furthermore, I tried to login with my test e-mail and it still requires e-mail auth despite the e-mail is authenticated at Auth0

Do you know how to change it accordingly?