How about choosing between using Wordpress as SSO provider for Discourse and using Discourse as SSO provider for WP?
My hunch is that if the discourse forum is the main reason why people need a login, then it makes sense that they login with discourse and then, if they ever need to log into wordpress, they will be able to use their discourse account via SSO (or perhaps they will already be signed in automagically).
But here on Meta it seems like the other option (WP ad SSO provider for discourse) is discussed more often. So I’m wondering what are the pros and cons for each setup…
A good use case for Discourse as the SSO provider for WordPress would be to allow a forum to use WordPress plugins to extend Discourse. For example, if a forum needs to allow its users to sign up for events, it might be easier to link to a WordPress site that is using an existing Events plugin than to write and maintain an events plugin for Discourse.
Possibly, a WordPress multi-site installation could be setup to serve multiple Discourse forums with a selection of plugins that deal with users. The kind of plugins I’m thinking of would deal with things like appointment booking, event registration, mapping users, buying and selling…
This could also be done with having WordPress as the SSO provider for Discourse, but as you say, if the forum is the main reason to have users login, then it makes more sense to authenticate through Discourse. Especially for an existing forum, it would be an inconvenience to users to force them to login through WordPress if their main reason for logging in is to get to the forum.
If the only users on your WordPress blog are your co-workers / editors, don’t use SSO. It’ll just be an unnecessary complication. We use the wp-discourse plugin for blog.discourse.org, but we have no need for SSO. Everyone in the Discourse team has a separate login for the WP site. We’re not gonna start syncing 25k Meta users to our WP just so we can log in using our Discourse login.