{"users":[{"id":115923,"username":"Discourse","name":null,"avatar_template":"/user_avatar/meta.discourse.org/discourse/{size}/148734_2.png","admin":true,"trust_level":4},{"id":190160,"username":"25w31b","name":"","avatar_template":"/user_avatar/meta.discourse.org/25w31b/{size}/546854_2.png","trust_level":1},{"id":21029,"username":"pmusaraj","name":"Penar Musaraj","avatar_template":"/user_avatar/meta.discourse.org/pmusaraj/{size}/119489_2.png","primary_group_name":"team","flair_name":"team","flair_url":"https://d11a6trkgmumsb.cloudfront.net/original/3X/e/b/ebee30bd98aef20357e4a177a5a1e45b877ce088.svg","flair_color":"111","flair_group_id":47,"admin":true,"trust_level":3},{"id":189824,"username":"Abhishek_Soni","name":"Abhishek Soni","avatar_template":"/user_avatar/meta.discourse.org/abhishek_soni/{size}/546304_2.png","trust_level":0},{"id":2770,"username":"awesomerobot","name":"Kris","avatar_template":"/user_avatar/meta.discourse.org/awesomerobot/{size}/142900_2.png","primary_group_name":"team","flair_name":"team","flair_url":"https://d11a6trkgmumsb.cloudfront.net/original/3X/e/b/ebee30bd98aef20357e4a177a5a1e45b877ce088.svg","flair_color":"111","flair_group_id":47,"admin":true,"trust_level":3},{"id":95552,"username":"Moin","name":"","avatar_template":"/user_avatar/meta.discourse.org/moin/{size}/523407_2.png","trust_level":3},{"id":77577,"username":"funfake","name":"William","avatar_template":"/user_avatar/meta.discourse.org/funfake/{size}/154367_2.png","trust_level":0},{"id":45577,"username":"hawm","name":"Hawm","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/h/f07891/{size}.png","trust_level":2},{"id":93768,"username":"emrysr","name":"Emrys Roberts","avatar_template":"/user_avatar/meta.discourse.org/emrysr/{size}/214347_2.png","trust_level":0},{"id":79838,"username":"shawnngtq","name":"Shawn Ng","avatar_template":"/user_avatar/meta.discourse.org/shawnngtq/{size}/182367_2.png","trust_level":1},{"id":82075,"username":"alex.ehlke","name":"Alex Ehlke","avatar_template":"/user_avatar/meta.discourse.org/alex.ehlke/{size}/187893_2.png","trust_level":1},{"id":160471,"username":"Ethsim2","name":"Ethan ","avatar_template":"/user_avatar/meta.discourse.org/ethsim2/{size}/522255_2.png","trust_level":2},{"id":188595,"username":"HBuckley","name":"","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/h/e9bcb4/{size}.png","trust_level":0},{"id":179765,"username":"Soumya_Ranjan_Mishra","name":"Soumya Ranjan Mishra","avatar_template":"/user_avatar/meta.discourse.org/soumya_ranjan_mishra/{size}/514662_2.png","trust_level":0},{"id":73038,"username":"jahan_gagan","name":"Jahan Gagan","avatar_template":"/user_avatar/meta.discourse.org/jahan_gagan/{size}/501948_2.png","flair_name":"plugin_authors","flair_url":"plug","flair_bg_color":"dddddd","flair_color":"111111","flair_group_id":48,"trust_level":3},{"id":188589,"username":"rabbitlair","name":"","avatar_template":"/user_avatar/meta.discourse.org/rabbitlair/{size}/542143_2.png","trust_level":0},{"id":187771,"username":"青岛王斌","name":"青岛老司机","avatar_template":"/user_avatar/meta.discourse.org/青岛王斌/{size}/539567_2.png","trust_level":1},{"id":-1,"username":"system","name":"system","avatar_template":"/user_avatar/meta.discourse.org/system/{size}/443519_2.png","admin":true,"moderator":true,"trust_level":4},{"id":183859,"username":"Drancis","name":"Dale","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/d/50afbb/{size}.png","trust_level":0},{"id":406,"username":"RGJ","name":"Richard - Communiteq","avatar_template":"/user_avatar/meta.discourse.org/rgj/{size}/523185_2.png","flair_name":"support-experts","flair_url":"https://d11a6trkgmumsb.cloudfront.net/original/3X/e/2/e250ec403580530d19e6a9ed42d0d525a51a9dbe.svg","flair_bg_color":"FFFFFF","flair_group_id":142,"trust_level":4},{"id":15209,"username":"pfaffman","name":"Jay Pfaffman","avatar_template":"/user_avatar/meta.discourse.org/pfaffman/{size}/120154_2.png","flair_name":"support-experts","flair_url":"https://d11a6trkgmumsb.cloudfront.net/original/3X/e/2/e250ec403580530d19e6a9ed42d0d525a51a9dbe.svg","flair_bg_color":"FFFFFF","flair_group_id":142,"trust_level":4},{"id":187301,"username":"tejasj654","name":"Tejas","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/t/848f3c/{size}.png","trust_level":1},{"id":185806,"username":"DW_dev","name":"","avatar_template":"/user_avatar/meta.discourse.org/dw_dev/{size}/490888_2.png","trust_level":1},{"id":110946,"username":"phil22","name":"Philip","avatar_template":"/user_avatar/meta.discourse.org/phil22/{size}/248480_2.png","trust_level":1},{"id":182559,"username":"wangya123","name":"","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/w/ccd318/{size}.png","trust_level":1},{"id":143382,"username":"Viktors_Vradijs","name":"Viktors Vradijs","avatar_template":"/user_avatar/meta.discourse.org/viktors_vradijs/{size}/357805_2.png","trust_level":0},{"id":100484,"username":"JammyDodger","name":"","avatar_template":"/user_avatar/meta.discourse.org/jammydodger/{size}/254611_2.png","trust_level":3},{"id":146979,"username":"laudaksg","name":"Girts","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/l/cab0a1/{size}.png","trust_level":0},{"id":134325,"username":"whitewaterdeu","name":"mocha3901","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/w/57b2e6/{size}.png","flair_name":"plugin_authors","flair_url":"plug","flair_bg_color":"dddddd","flair_color":"111111","flair_group_id":48,"trust_level":2},{"id":135392,"username":"NateDhaliwal","name":"Nate Dhaliwal","avatar_template":"/user_avatar/meta.discourse.org/natedhaliwal/{size}/313494_2.png","flair_name":"theme_authors","flair_url":"paintbrush","flair_bg_color":"ddd","flair_color":"111","flair_group_id":73,"trust_level":3},{"id":58437,"username":"Thomas_Rother","name":"Thommie Rother","avatar_template":"/user_avatar/meta.discourse.org/thomas_rother/{size}/423597_2.png","trust_level":2},{"id":132988,"username":"Tealk","name":null,"avatar_template":"/user_avatar/meta.discourse.org/tealk/{size}/525923_2.png","trust_level":2},{"id":83631,"username":"Jagster","name":"Jakke Flemming","avatar_template":"/user_avatar/meta.discourse.org/jagster/{size}/192154_2.png","trust_level":2},{"id":23649,"username":"strk","name":"Sandro Santilli","avatar_template":"/user_avatar/meta.discourse.org/strk/{size}/121193_2.png","trust_level":1},{"id":164435,"username":"KurtTrowbridge","name":"Kurt Trowbridge","avatar_template":"/user_avatar/meta.discourse.org/kurttrowbridge/{size}/470970_2.png","trust_level":1},{"id":121888,"username":"Wilson_Ho","name":"Wilson Ho","avatar_template":"/user_avatar/meta.discourse.org/wilson_ho/{size}/273946_2.png","trust_level":1},{"id":179745,"username":"sreenu_paruchuri","name":"sreenu paruchuri","avatar_template":"/user_avatar/meta.discourse.org/sreenu_paruchuri/{size}/514616_2.png","trust_level":1},{"id":140802,"username":"weber-s","name":"Samuël Weber/GwendalD","avatar_template":"/user_avatar/meta.discourse.org/weber-s/{size}/341470_2.png","trust_level":1},{"id":141994,"username":"humpfhumpf","name":"humpfhumpf","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/h/cc9497/{size}.png","trust_level":1},{"id":138576,"username":"jrack","name":"Justin Rackliffe","avatar_template":"/user_avatar/meta.discourse.org/jrack/{size}/326934_2.png","trust_level":1},{"id":148406,"username":"lewisakura","name":"lewisakura","avatar_template":"/user_avatar/meta.discourse.org/lewisakura/{size}/380966_2.png","trust_level":1},{"id":155765,"username":"BlueTigger87","name":"Shay","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/b/edb3f5/{size}.png","trust_level":1},{"id":176597,"username":"pkward","name":"","avatar_template":"/user_avatar/meta.discourse.org/pkward/{size}/504657_2.png","trust_level":1},{"id":1,"username":"sam","name":"Sam Saffron","avatar_template":"/user_avatar/meta.discourse.org/sam/{size}/102149_2.png","primary_group_name":"team","flair_name":"team","flair_url":"https://d11a6trkgmumsb.cloudfront.net/original/3X/e/b/ebee30bd98aef20357e4a177a5a1e45b877ce088.svg","flair_color":"111","flair_group_id":47,"admin":true,"trust_level":3},{"id":178716,"username":"Wonjong","name":"Wonjong","avatar_template":"/user_avatar/meta.discourse.org/wonjong/{size}/511146_2.png","trust_level":1},{"id":70205,"username":"timb","name":"Tim Briscoe","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/t/3e96dc/{size}.png","trust_level":1},{"id":178140,"username":"J_S_R","name":"Jorge de los Santos Rodriguez","avatar_template":"/user_avatar/meta.discourse.org/j_s_r/{size}/487136_2.png","trust_level":1},{"id":177808,"username":"zoeyme","name":"Zoe","avatar_template":"/user_avatar/meta.discourse.org/zoeyme/{size}/508403_2.png","trust_level":0},{"id":176410,"username":"BaoLe","name":null,"avatar_template":"https://avatars.discourse-cdn.com/v4/letter/b/b9e5f3/{size}.png","trust_level":0},{"id":134770,"username":"gschmid","name":"","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/g/a698b9/{size}.png","trust_level":2},{"id":103315,"username":"Simon_Manning","name":"Simon Manning","avatar_template":"/user_avatar/meta.discourse.org/simon_manning/{size}/198596_2.png","trust_level":2},{"id":175970,"username":"Yousab","name":"Yousab","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/y/4bbf92/{size}.png","trust_level":1},{"id":154769,"username":"tyler.lamparter","name":"Tyler Lamparter","avatar_template":"/user_avatar/meta.discourse.org/tyler.lamparter/{size}/485862_2.png","trust_level":2}],"primary_groups":[{"id":47,"name":"team"}],"flair_groups":[{"id":47,"name":"team","flair_url":"https://d11a6trkgmumsb.cloudfront.net/original/3X/e/b/ebee30bd98aef20357e4a177a5a1e45b877ce088.svg","flair_bg_color":"","flair_color":"111"},{"id":48,"name":"plugin_authors","flair_url":"plug","flair_bg_color":"dddddd","flair_color":"111111"},{"id":142,"name":"support-experts","flair_url":"https://d11a6trkgmumsb.cloudfront.net/original/3X/e/2/e250ec403580530d19e6a9ed42d0d525a51a9dbe.svg","flair_bg_color":"FFFFFF","flair_color":""},{"id":73,"name":"theme_authors","flair_url":"paintbrush","flair_bg_color":"ddd","flair_color":"111"}],"topic_list":{"can_create_topic":false,"more_topics_url":"/c/support/sso/24?page=1","per_page":30,"top_tags":[{"id":233,"name":"oauth2","slug":"oauth2"},{"id":243,"name":"openid-connect","slug":"openid-connect"},{"id":263,"name":"discourseconnect","slug":"discourseconnect"},{"id":330,"name":"rest-api","slug":"rest-api"},{"id":234,"name":"patreon","slug":"patreon"},{"id":291,"name":"saml","slug":"saml"},{"id":39,"name":"email","slug":"email"},{"id":509,"name":"invites","slug":"invites"},{"id":60,"name":"sso","slug":"sso"},{"id":279,"name":"auth-plugins","slug":"auth-plugins"},{"id":1057,"name":"discourse-id","slug":"discourse-id"},{"id":5,"name":"unsupported-install","slug":"unsupported-install"},{"id":66,"name":"wordpress","slug":"wordpress"},{"id":416,"name":"365-oauth","slug":"365-oauth"},{"id":2,"name":"badges","slug":"badges"},{"id":730,"name":"google-login","slug":"google-login"},{"id":9,"name":"groups","slug":"groups"},{"id":56,"name":"trust-levels","slug":"trust-levels"},{"id":67,"name":"approval","slug":"approval"},{"id":150,"name":"dev-install","slug":"dev-install"},{"id":48,"name":"discourse-hub","slug":"discourse-hub"},{"id":248,"name":"linkedin-oauth","slug":"linkedin-oauth"},{"id":740,"name":"login","slug":"login"},{"id":397,"name":"login-with-amazon","slug":"login-with-amazon"},{"id":35,"name":"mobile","slug":"mobile"},{"id":704,"name":"multisite","slug":"multisite"},{"id":68,"name":"pr-welcome","slug":"pr-welcome"},{"id":400,"name":"steam-login","slug":"steam-login"},{"id":618,"name":"user-custom-fields","slug":"user-custom-fields"}],"topics":[{"fancy_title":"About the SSO category","fancy_title_localized":false,"locale":"en","id":13110,"title":"About the SSO category","slug":"about-the-sso-category","posts_count":1,"reply_count":2,"highest_post_number":1,"image_url":null,"created_at":"2014-02-26T21:36:48.112Z","last_posted_at":"2014-02-26T21:36:48.178Z","bumped":true,"bumped_at":"2023-01-16T11:35:10.488Z","archetype":"regular","unseen":false,"pinned":true,"unpinned":null,"excerpt":"For queries specifically about SSO (single sign-on) and login using third-party providers (Google, Facebook, GitHub etc). See the official documentation on DiscourseConnect SSO.","visible":true,"closed":true,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[],"tags_descriptions":{},"views":9443,"like_count":0,"has_summary":false,"last_poster_username":"Discourse","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":null,"is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":115923,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Forum cannot recognize alternate email from Discourse ID","fancy_title_localized":true,"locale":"zh_CN","id":398181,"title":"论坛无法识别来自 Discourse ID 的备用电子邮件","slug":"discourse-id","posts_count":3,"reply_count":1,"highest_post_number":3,"image_url":null,"created_at":"2026-03-11T15:16:23.971Z","last_posted_at":"2026-03-28T11:19:56.474Z","bumped":true,"bumped_at":"2026-03-28T11:19:56.474Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"When I log in or register on the forum using Discourse ID, the forum only recognizes the primary email and not the secondary email.\nOn regular forums (like this Discourse Meta), the secondary email needs to be added manually, but on free-hosted forums, I cannot manually add or change the email address because the forum displays a 404 error when I try to verify the email address.","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":1057,"name":"discourse-id","slug":"discourse-id"}],"tags_descriptions":{},"views":69,"like_count":5,"has_summary":false,"last_poster_username":"25w31b","category_id":24,"op_like_count":1,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"用户报告在免费托管论坛上无法添加备用电子邮件，但随后确认该问题已自行解决，且支持人员无法复现此故障。","is_nested_view":null,"has_accepted_answer":true,"can_vote":false,"posters":[{"extras":"latest","description":"Original Poster, Most Recent Poster","user_id":190160,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster, Accepted Answer","user_id":21029,"primary_group_id":47,"flair_group_id":47}]},{"fancy_title":"How to enable sso on discourse?","fancy_title_localized":false,"locale":"en","id":397816,"title":"How to enable sso on discourse?","slug":"how-to-enable-sso-on-discourse","posts_count":5,"reply_count":1,"highest_post_number":5,"image_url":null,"created_at":"2026-03-06T14:59:33.366Z","last_posted_at":"2026-03-07T10:05:59.894Z","bumped":true,"bumped_at":"2026-03-07T10:05:59.894Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"I have hosted the discourse on my server, now i want to enable sso login (l have a website from where i want to redirect to discourse), but i can’t find option to enable sso.","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[],"tags_descriptions":{},"views":87,"like_count":6,"has_summary":false,"last_poster_username":"Moin","category_id":24,"op_like_count":1,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"A user unable to locate the SSO settings for DiscourseConnect on an outdated version is advised to adjust their search filter and update their installation to access the configuration options.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":189824,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":2770,"primary_group_id":47,"flair_group_id":47},{"extras":"latest","description":"Most Recent Poster","user_id":95552,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Connect Discourse Auth with my Django user DB?","fancy_title_localized":false,"locale":"en","id":147604,"title":"Connect Discourse Auth with my Django user DB?","slug":"connect-discourse-auth-with-my-django-user-db","posts_count":7,"reply_count":3,"highest_post_number":7,"image_url":null,"created_at":"2020-04-11T08:07:26.824Z","last_posted_at":"2026-02-12T04:43:11.906Z","bumped":true,"bumped_at":"2026-02-12T04:43:11.906Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hi ! I’m really interested in Discourse for my ecommerce platform. \nIt would provide a great helping section for my users. \nI’ve seen that Discourse has it’s own Auth methods. I was wondering if I could modify these in o…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[],"tags_descriptions":{},"views":2583,"like_count":7,"has_summary":false,"last_poster_username":"alex.ehlke","category_id":24,"op_like_count":1,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The user is exploring integrating Discourse authentication with their Django user database, seeking advice on whether splitting authentication systems is a good approach for better user management.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":77577,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":45577,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":93768,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":79838,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":82075,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"I’m seeing OIDC failures in Discourse logs: `CSRFTokenVerifier::InvalidCSRFToken` on `/auth/oidc` (POST)","fancy_title_localized":false,"locale":"en","id":395752,"title":"I’m seeing OIDC failures in Discourse logs: `CSRFTokenVerifier::InvalidCSRFToken` on `/auth/oidc` (POST)","slug":"i-m-seeing-oidc-failures-in-discourse-logs-csrftokenverifier-invalidcsrftoken-on-auth-oidc-post","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":null,"created_at":"2026-02-11T07:26:07.675Z","last_posted_at":"2026-02-11T07:26:07.782Z","bumped":true,"bumped_at":"2026-02-11T07:26:07.782Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hi all, \nI’m running Discourse 2026.2.0-latest (26f3e2aa87) \n(Docker install, default nginx template, no Cloudflare). I have OpenID Connect enabled (Microsoft Entra / Azure AD). \nWhen a user tries to sign up / log in via…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":243,"name":"openid-connect","slug":"openid-connect"}],"tags_descriptions":{},"views":21,"like_count":0,"has_summary":false,"last_poster_username":"Ethsim2","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"A user reports CSRF token verification failures during OIDC authentication in Discourse 2026.2.0, suspecting SameSite cookie settings interfere with form_post callbacks from Azure AD, and seeks guidance on proper configuration and security implications.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":160471,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"OIDC csrf_detected can mask user cancel / consent rejection - docs could clarify log inspection","fancy_title_localized":false,"locale":"en","id":395021,"title":"OIDC csrf_detected can mask user cancel / consent rejection - docs could clarify log inspection","slug":"oidc-csrf-detected-can-mask-user-cancel-consent-rejection-docs-could-clarify-log-inspection","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2026-02-03T11:56:09.068Z","last_posted_at":"2026-02-05T21:16:57.932Z","bumped":true,"bumped_at":"2026-02-05T21:16:57.932Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Continuing the discussion from OIDC login via Discourse iOS app occasionally fails with csrf_detected on callback: \nHi all, \nThis is a follow-up observation linked to my earlier thread about OIDC login failures initiated…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":243,"name":"openid-connect","slug":"openid-connect"}],"tags_descriptions":{},"views":47,"like_count":0,"has_summary":false,"last_poster_username":"Ethsim2","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The discussion highlights that 'csrf_detected' errors in OIDC login can mask user consent rejections or cancellations, and advises operators to inspect logs for accurate diagnosis, noting that log display may include escaped JSON characters like \\u0026.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":160471,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Lapsed members in CRM not removed via Discourse Connect","fancy_title_localized":false,"locale":"en","id":395317,"title":"Lapsed members in CRM not removed via Discourse Connect","slug":"lapsed-members-in-crm-not-removed-via-discourse-connect","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":null,"created_at":"2026-02-05T20:24:36.684Z","last_posted_at":"2026-02-05T20:24:36.886Z","bumped":true,"bumped_at":"2026-02-05T20:24:36.886Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hi! We have integrated our membership CRM (Sheep) using Discourse Connect. However, when a member lapses or cancels, it doesn’t look as though their access to Discourse will automatically be removed. How can we make this…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[],"tags_descriptions":{},"views":20,"like_count":0,"has_summary":false,"last_poster_username":"HBuckley","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"A user inquires about automating the removal of lapsed or cancelled members from Discourse access using Discourse Connect integration with their CRM (Sheep), asking if a specific setting enables this functionality.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":188595,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"New users clicking category link see “access to this forum is by invite only” and cannot log in via OAuth2","fancy_title_localized":false,"locale":"en","id":389937,"title":"New users clicking category link see “access to this forum is by invite only” and cannot log in via OAuth2","slug":"new-users-clicking-category-link-see-access-to-this-forum-is-by-invite-only-and-cannot-log-in-via-oauth2","posts_count":5,"reply_count":1,"highest_post_number":5,"image_url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/1/d/b1de58005be615efd720d3dcbde20b0f0c0f075d_2_1024x329.png","created_at":"2025-11-29T08:03:36.340Z","last_posted_at":"2026-02-05T17:38:34.940Z","bumped":true,"bumped_at":"2026-02-05T17:38:34.940Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hi Everyone, \nWe have a private category in our Discourse instance that is restricted to a specific user group. We created a link so new users can access this category after logging in through OAuth2. \nHowever, when new …","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":[{"max_width":null,"max_height":null,"width":1167,"height":376,"url":"https://d11a6trkgmumsb.cloudfront.net/original/4X/b/1/d/b1de58005be615efd720d3dcbde20b0f0c0f075d.png"},{"max_width":1024,"max_height":1024,"width":1024,"height":329,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/1/d/b1de58005be615efd720d3dcbde20b0f0c0f075d_2_1024x329.png"},{"max_width":800,"max_height":800,"width":800,"height":257,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/1/d/b1de58005be615efd720d3dcbde20b0f0c0f075d_2_800x257.png"},{"max_width":600,"max_height":600,"width":600,"height":193,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/1/d/b1de58005be615efd720d3dcbde20b0f0c0f075d_2_600x193.png"},{"max_width":400,"max_height":400,"width":400,"height":128,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/1/d/b1de58005be615efd720d3dcbde20b0f0c0f075d_2_400x128.png"},{"max_width":300,"max_height":300,"width":300,"height":96,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/1/d/b1de58005be615efd720d3dcbde20b0f0c0f075d_2_300x96.png"},{"max_width":200,"max_height":200,"width":200,"height":64,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/b/1/d/b1de58005be615efd720d3dcbde20b0f0c0f075d_2_200x64.png"}],"tags":[{"id":509,"name":"invites","slug":"invites"},{"id":233,"name":"oauth2","slug":"oauth2"}],"tags_descriptions":{},"views":123,"like_count":2,"has_summary":false,"last_poster_username":"rabbitlair","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Disabling 'OpenID Connect match by email' and configuring SSO webhook to auto-create accounts with group assignments resolved the issue of new OAuth2 users being blocked by 'invite only' before login.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":179765,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":73038,"primary_group_id":null,"flair_group_id":48},{"extras":"latest","description":"Most Recent Poster","user_id":188589,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"OIDC login via Discourse iOS app occasionally fails with csrf_detected on callback","fancy_title_localized":false,"locale":"en","id":394838,"title":"OIDC login via Discourse iOS app occasionally fails with csrf_detected on callback","slug":"oidc-login-via-discourse-ios-app-occasionally-fails-with-csrf-detected-on-callback","posts_count":5,"reply_count":0,"highest_post_number":5,"image_url":null,"created_at":"2026-01-31T11:51:35.680Z","last_posted_at":"2026-02-02T20:46:42.031Z","bumped":true,"bumped_at":"2026-02-02T20:46:42.031Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hi, \nI’m running Discourse ( 2026.2.0-latest (f7cec86997))with OpenID Connect (Azure / Entra ID as IdP). \nI’ve noticed an occasional login failure that only seems to occur when users attempt to sign in via the Discourse …","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":243,"name":"openid-connect","slug":"openid-connect"}],"tags_descriptions":{},"views":78,"like_count":0,"has_summary":false,"last_poster_username":"Ethsim2","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"OIDC login via iOS in-app browsers like Snapchat fails due to CSRF/state cookie loss in WKWebView; Discourse correctly rejects invalid callbacks, and mitigation requires server-side messaging, not client fixes or SameSite changes.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":160471,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Settings for oauth2, IP rejected, how to solve","fancy_title_localized":true,"locale":"zh_CN","id":394318,"title":"关于oauth2的设定，IP被拒绝，如何解决","slug":"oauth2-ip","posts_count":3,"reply_count":0,"highest_post_number":3,"image_url":null,"created_at":"2026-01-26T07:30:27.704Z","last_posted_at":"2026-01-26T10:44:36.175Z","bumped":true,"bumped_at":"2026-01-26T10:44:36.175Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"[root@HDDXVZ4023 discourse_docker]# tail -f /var/discourse/shared/standalone/log/rails/production.log\nBody: \nclient_id: \nclient_secret: \ngrant_type: authorization_code \ncode: zeyHxfhcvSIzMiw \n:redirect_uri: https://*****…","visible":true,"closed":true,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":233,"name":"oauth2","slug":"oauth2"}],"tags_descriptions":{},"views":40,"like_count":1,"has_summary":false,"last_poster_username":"青岛王斌","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"问题源于DISCOURSE_ALLOWED_INTERNAL_HOSTS与redirect_uri配置不匹配，调整后配置有效，但重新指定token获取地址后问题复现。","is_nested_view":null,"has_accepted_answer":true,"can_vote":false,"posters":[{"extras":"latest","description":"Original Poster, Most Recent Poster, Accepted Answer","user_id":187771,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":-1,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"SSO - User Roles or ACLs to differentiate access levels","fancy_title_localized":false,"locale":"en","id":394229,"title":"SSO - User Roles or ACLs to differentiate access levels","slug":"sso-user-roles-or-acls-to-differentiate-access-levels","posts_count":3,"reply_count":0,"highest_post_number":3,"image_url":null,"created_at":"2026-01-23T22:05:20.743Z","last_posted_at":"2026-01-24T00:25:26.810Z","bumped":true,"bumped_at":"2026-01-24T00:25:26.810Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hi We are leveraging SSO for our community authentication.  Within our system we have different customers, let’s just say A and B.  We want to distinguish these groups in Discourse so that we have private Categories.  In…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":60,"name":"sso","slug":"sso"}],"tags_descriptions":{},"views":46,"like_count":7,"has_summary":false,"last_poster_username":"pfaffman","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The discussion focuses on using SSO to automatically assign users to groups based on their authentication levels, enabling differentiated access to private categories in Discourse without manual intervention.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":183859,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":406,"primary_group_id":null,"flair_group_id":142},{"extras":"latest","description":"Most Recent Poster","user_id":15209,"primary_group_id":null,"flair_group_id":142}]},{"fancy_title":"500 error after getting the token in oauth2-basic plugin","fancy_title_localized":false,"locale":"en","id":392974,"title":"500 error after getting the token in oauth2-basic plugin","slug":"500-error-after-getting-the-token-in-oauth2-basic-plugin","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2026-01-08T14:38:24.413Z","last_posted_at":"2026-01-08T14:40:32.560Z","bumped":true,"bumped_at":"2026-01-08T14:40:32.560Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"I am facing a weird error that others seem to have solved. Basically, I am getting the token from the API but no user details API calls are being made. Instead, the callback URL fails with 500 without any error message. \n…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":233,"name":"oauth2","slug":"oauth2"}],"tags_descriptions":{},"views":32,"like_count":0,"has_summary":false,"last_poster_username":"tejasj654","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"User receives a 500 error after OAuth2 token acquisition despite valid token response, with no user details API calls triggered and no visible error logs, seeking debugging steps.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":187301,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Social Login only works on desktop, but not on mobile devices (CSRF detected)","fancy_title_localized":true,"locale":"de","id":389975,"title":"Social Login funktioniert nur auf Desktop, aber nicht auf mobilen Geräten (CSRF detected)","slug":"social-login-funktioniert-nur-auf-desktop-aber-nicht-auf-mobilen-geraten-csrf-detected","posts_count":5,"reply_count":1,"highest_post_number":5,"image_url":null,"created_at":"2025-11-30T15:34:44.147Z","last_posted_at":"2025-11-30T19:13:29.982Z","bumped":true,"bumped_at":"2025-11-30T19:13:29.982Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hello,\nMy Discourse forum has a problem with social logins (Google, Discord, LinkedIn):\n\n\nOn desktop, all social logins work perfectly.\n\n\nOn all mobile devices (iOS/Android, Safari/Chrome/Firefox) it s...","visible":true,"closed":true,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":35,"name":"mobile","slug":"mobile"},{"id":233,"name":"oauth2","slug":"oauth2"},{"id":740,"name":"login","slug":"login"},{"id":730,"name":"google-login","slug":"google-login"},{"id":248,"name":"linkedin-oauth","slug":"linkedin-oauth"}],"tags_descriptions":{},"views":77,"like_count":2,"has_summary":false,"last_poster_username":"DW_dev","category_id":24,"op_like_count":1,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Das Problem mit Social Login-Fehlern auf mobilen Geräten wurde durch ein benutzerdefiniertes JavaScript-Skript im Theme verursacht, das Seiten-Redirects auslöste und CSRF-Tokens zerstörte.","is_nested_view":null,"has_accepted_answer":true,"can_vote":false,"posters":[{"extras":"latest","description":"Original Poster, Most Recent Poster, Accepted Answer","user_id":185806,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":15209,"primary_group_id":null,"flair_group_id":142},{"extras":null,"description":"Frequent Poster","user_id":-1,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Invite only forum with Google, OIDC or Oauth2 login","fancy_title_localized":false,"locale":"en","id":387802,"title":"Invite only forum with Google, OIDC or Oauth2 login","slug":"invite-only-forum-with-google-oidc-or-oauth2-login","posts_count":4,"reply_count":1,"highest_post_number":4,"image_url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/9/1/c91306de390889e69ca7f82d74d801cf7e0133d3_2_1023x581.png","created_at":"2025-11-06T17:50:10.562Z","last_posted_at":"2025-11-12T10:43:57.065Z","bumped":true,"bumped_at":"2025-11-12T10:43:57.065Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hello, \nI have a self hosted discourse instance. I have set up the OIDC connect plugin to sign in users with their google account. Using the settings in the google cloud console I’m able to limit this to users within my …","visible":true,"closed":true,"archived":false,"bookmarked":null,"liked":null,"thumbnails":[{"max_width":null,"max_height":null,"width":1658,"height":942,"url":"https://d11a6trkgmumsb.cloudfront.net/original/4X/c/9/1/c91306de390889e69ca7f82d74d801cf7e0133d3.png"},{"max_width":1024,"max_height":1024,"width":1023,"height":581,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/9/1/c91306de390889e69ca7f82d74d801cf7e0133d3_2_1023x581.png"},{"max_width":800,"max_height":800,"width":800,"height":454,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/9/1/c91306de390889e69ca7f82d74d801cf7e0133d3_2_800x454.png"},{"max_width":600,"max_height":600,"width":600,"height":340,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/9/1/c91306de390889e69ca7f82d74d801cf7e0133d3_2_600x340.png"},{"max_width":400,"max_height":400,"width":400,"height":227,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/9/1/c91306de390889e69ca7f82d74d801cf7e0133d3_2_400x227.png"},{"max_width":300,"max_height":300,"width":300,"height":170,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/9/1/c91306de390889e69ca7f82d74d801cf7e0133d3_2_300x170.png"},{"max_width":200,"max_height":200,"width":200,"height":113,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/9/1/c91306de390889e69ca7f82d74d801cf7e0133d3_2_200x113.png"}],"tags":[{"id":233,"name":"oauth2","slug":"oauth2"},{"id":243,"name":"openid-connect","slug":"openid-connect"}],"tags_descriptions":{},"views":115,"like_count":2,"has_summary":false,"last_poster_username":"phil22","category_id":24,"op_like_count":1,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"User phil22 reports an error when trying to sign in with Google to an invite-only Discourse instance using OIDC, noting it's similar to a previously discussed issue, while acknowledging a prior related post.","is_nested_view":null,"has_accepted_answer":true,"can_vote":false,"posters":[{"extras":"latest","description":"Original Poster, Most Recent Poster","user_id":110946,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster, Accepted Answer","user_id":21029,"primary_group_id":47,"flair_group_id":47},{"extras":null,"description":"Frequent Poster","user_id":-1,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"SSO update avatar_url is always invalid","fancy_title_localized":false,"locale":"en","id":386950,"title":"SSO update avatar_url is always invalid","slug":"sso-update-avatar-url-is-always-invalid","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/a/b/f/abf7747b3112c46b0f7387a480bd1b8a360b0fd2_2_1023x791.png","created_at":"2025-10-28T15:36:52.403Z","last_posted_at":"2025-10-29T12:15:26.426Z","bumped":true,"bumped_at":"2025-10-29T12:15:26.426Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"I set the avatar_force_update parameter to true， \nDiscourse Connect overrides avatar is also checked，Discourse Connect overrides avatar I also tried not to check it, but still can’t update the avatar \n  \nThe avatar…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":[{"max_width":null,"max_height":null,"width":1765,"height":1364,"url":"https://d11a6trkgmumsb.cloudfront.net/original/4X/a/b/f/abf7747b3112c46b0f7387a480bd1b8a360b0fd2.png"},{"max_width":1024,"max_height":1024,"width":1023,"height":791,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/a/b/f/abf7747b3112c46b0f7387a480bd1b8a360b0fd2_2_1023x791.png"},{"max_width":800,"max_height":800,"width":800,"height":618,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/a/b/f/abf7747b3112c46b0f7387a480bd1b8a360b0fd2_2_800x618.png"},{"max_width":600,"max_height":600,"width":600,"height":463,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/a/b/f/abf7747b3112c46b0f7387a480bd1b8a360b0fd2_2_600x463.png"},{"max_width":400,"max_height":400,"width":400,"height":309,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/a/b/f/abf7747b3112c46b0f7387a480bd1b8a360b0fd2_2_400x309.png"},{"max_width":300,"max_height":300,"width":300,"height":231,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/a/b/f/abf7747b3112c46b0f7387a480bd1b8a360b0fd2_2_300x231.png"},{"max_width":200,"max_height":200,"width":200,"height":154,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/a/b/f/abf7747b3112c46b0f7387a480bd1b8a360b0fd2_2_200x154.png"}],"tags":[],"tags_descriptions":{},"views":40,"like_count":0,"has_summary":false,"last_poster_username":"wangya123","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"User wangya123 reports an issue where the avatar_url update fails despite setting avatar_force_update to true and enabling Discourse Connect overrides, seeking assistance with the problem.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":182559,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Discourse connect avatar_url isn’t working","fancy_title_localized":false,"locale":"en","id":293036,"title":"Discourse connect avatar_url isn't working","slug":"discourse-connect-avatar-url-isnt-working","posts_count":10,"reply_count":5,"highest_post_number":10,"image_url":"https://d11a6trkgmumsb.cloudfront.net/original/4X/7/a/0/7a0f232ea884b515776f82953f56b123d048fd2f.png","created_at":"2024-01-26T09:00:12.321Z","last_posted_at":"2025-10-29T06:58:33.950Z","bumped":true,"bumped_at":"2025-10-29T06:58:33.950Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hi. Have faced issue with avatar update through discourse-connect. \nIn sso payload is avarat_force_update = true and avatar_url = https://files.ekool.eu/ekool/202311/3011/00/-m-ae103b0bac1fa5fc3cb65217a0183ba7b2633edae6d…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":[{"max_width":null,"max_height":null,"width":581,"height":278,"url":"https://d11a6trkgmumsb.cloudfront.net/original/4X/7/a/0/7a0f232ea884b515776f82953f56b123d048fd2f.png"},{"max_width":400,"max_height":400,"width":400,"height":191,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/7/a/0/7a0f232ea884b515776f82953f56b123d048fd2f_2_400x191.png"},{"max_width":300,"max_height":300,"width":300,"height":143,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/7/a/0/7a0f232ea884b515776f82953f56b123d048fd2f_2_300x143.png"},{"max_width":200,"max_height":200,"width":200,"height":95,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/7/a/0/7a0f232ea884b515776f82953f56b123d048fd2f_2_200x95.png"}],"tags":[],"tags_descriptions":{},"views":712,"like_count":2,"has_summary":false,"last_poster_username":"wangya123","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Users report that the avatar_url in discourse-connect SSO payload is not updating avatars despite setting avatar_force_update to true, with one user confirming the same issue.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":143382,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":100484,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":146979,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":182559,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"How to enable discourse id login in my site","fancy_title_localized":false,"locale":"en","id":386716,"title":"How to enable discourse id login in my site","slug":"how-to-enable-discourse-id-login-in-my-site","posts_count":5,"reply_count":2,"highest_post_number":5,"image_url":null,"created_at":"2025-10-25T08:28:20.490Z","last_posted_at":"2025-10-26T16:13:03.918Z","bumped":true,"bumped_at":"2025-10-26T16:13:03.918Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"i want to open this function to allow users login by Discourse ID \nbut i don’t know how to enable discourse id login in my site \n\nDiscourse ID is now available. Try it today!","visible":true,"closed":true,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":1057,"name":"discourse-id","slug":"discourse-id"}],"tags_descriptions":{},"views":206,"like_count":6,"has_summary":false,"last_poster_username":"whitewaterdeu","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The user enabled Discourse ID login after activating 'force https' and sought help with missing client and secret keys, referencing documentation for setup guidance.","is_nested_view":null,"has_accepted_answer":true,"can_vote":false,"posters":[{"extras":"latest","description":"Original Poster, Most Recent Poster, Accepted Answer","user_id":134325,"primary_group_id":null,"flair_group_id":48},{"extras":null,"description":"Frequent Poster","user_id":135392,"primary_group_id":null,"flair_group_id":73},{"extras":null,"description":"Frequent Poster","user_id":-1,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Discourse ID fails to activate on my instance","fancy_title_localized":false,"locale":"en","id":386023,"title":"Discourse ID fails to activate on my instance","slug":"discourse-id-fails-to-activate-on-my-instance","posts_count":27,"reply_count":21,"highest_post_number":27,"image_url":null,"created_at":"2025-10-10T18:16:53.798Z","last_posted_at":"2025-10-22T17:00:39.030Z","bumped":true,"bumped_at":"2025-10-22T17:00:39.030Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"I see this message when I try to activate Discourse_id on my test system (3.6.0.beta2-latest): \nenable_discourse_id: You must configure Discourse ID credentials ('discourse_id_client_id' and 'discourse_id_client_secret')…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":5,"name":"unsupported-install","slug":"unsupported-install"},{"id":1057,"name":"discourse-id","slug":"discourse-id"}],"tags_descriptions":{},"views":525,"like_count":25,"has_summary":false,"last_poster_username":"pmusaraj","category_id":24,"op_like_count":2,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Thomas_Rother reports an issue activating Discourse ID on his test system, and pfaffman suggests checking the admin area, noting that the activation process should have worked based on previous steps.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":58437,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":95552,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":132988,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":83631,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":21029,"primary_group_id":47,"flair_group_id":47}]},{"fancy_title":"LDAP badge?","fancy_title_localized":false,"locale":"en","id":382116,"title":"LDAP badge?","slug":"ldap-badge","posts_count":4,"reply_count":2,"highest_post_number":4,"image_url":null,"created_at":"2025-09-09T21:09:57.666Z","last_posted_at":"2025-09-12T11:40:15.108Z","bumped":true,"bumped_at":"2025-09-22T13:25:15.155Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hello, is it possible to assign a badge to those whose username matches the LDAP username and were authenticated via LDAP ? We currently allow rigistering local accounts too so someone could register someone else’s LDAP …","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":2,"name":"badges","slug":"badges"},{"id":60,"name":"sso","slug":"sso"}],"tags_descriptions":{"badges":""},"views":135,"like_count":2,"has_summary":false,"last_poster_username":"pfaffman","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"LDAP group assignment for badge flair requires a plugin, as the current LDAP setup lacks this functionality.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":23649,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":15209,"primary_group_id":null,"flair_group_id":142}]},{"fancy_title":"Syncing email notification and summary preferences from SSO provider","fancy_title_localized":false,"locale":"en","id":358766,"title":"Syncing email notification and summary preferences from SSO provider","slug":"syncing-email-notification-and-summary-preferences-from-sso-provider","posts_count":2,"reply_count":2,"highest_post_number":3,"image_url":null,"created_at":"2025-03-25T13:50:23.098Z","last_posted_at":"2025-09-17T12:37:31.696Z","bumped":true,"bumped_at":"2025-09-17T12:37:31.696Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"I’m working on a Discourse integration with a Drupal website (using the Discourse SSO Drupal module) and have been able to answer most of my questions with existing documentation. However, I’m stumped on this one: \nIf po…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[],"tags_descriptions":{},"views":61,"like_count":0,"has_summary":false,"last_poster_username":"KurtTrowbridge","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"User implemented a workaround by linking to Discourse notification settings from Drupal due to syncing limitations.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":164435,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Overriding avatars with OIDC","fancy_title_localized":false,"locale":"en","id":304291,"title":"Overriding avatars with OIDC","slug":"overriding-avatars-with-oidc","posts_count":4,"reply_count":1,"highest_post_number":4,"image_url":null,"created_at":"2024-02-01T09:40:52.604Z","last_posted_at":"2025-09-10T09:16:57.833Z","bumped":true,"bumped_at":"2025-09-10T09:16:57.833Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Is there any way this plugin could overrides avatar, just like DiscourseConnect does?","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":243,"name":"openid-connect","slug":"openid-connect"}],"tags_descriptions":{},"views":269,"like_count":3,"has_summary":false,"last_poster_username":"sreenu_paruchuri","category_id":24,"op_like_count":1,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"User seeks guidance on mapping an avatar URL from an OIDC userinfo response to a custom field in the plugin.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":121888,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":21029,"primary_group_id":47,"flair_group_id":47},{"extras":"latest","description":"Most Recent Poster","user_id":179745,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Avatar is synching only on creation","fancy_title_localized":false,"locale":"en","id":304286,"title":"Avatar is synching only on creation","slug":"avatar-is-synching-only-on-creation","posts_count":6,"reply_count":1,"highest_post_number":6,"image_url":null,"created_at":"2023-11-15T09:00:33.033Z","last_posted_at":"2025-09-15T12:00:39.104Z","bumped":true,"bumped_at":"2025-09-02T16:50:04.738Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hello there! \nI’m using this plugin to sync user from a django site, but the avatar is sync only on creation. If user change it in django, it is not sync in discourse. \nIn fact, in Discourse managed_authenticator.rb, the…","visible":true,"closed":true,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":243,"name":"openid-connect","slug":"openid-connect"}],"tags_descriptions":{},"views":229,"like_count":5,"has_summary":false,"last_poster_username":"pmusaraj","category_id":24,"op_like_count":2,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"A PR addressing avatar sync issues has been merged, resolving the problem of avatars not updating on login.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":140802,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":141994,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":138576,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":148406,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":21029,"primary_group_id":47,"flair_group_id":47}]},{"fancy_title":"Changing SSO for new IDP","fancy_title_localized":false,"locale":"en","id":379959,"title":"Changing SSO for new IDP","slug":"changing-sso-for-new-idp","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":null,"created_at":"2025-08-22T20:21:05.870Z","last_posted_at":"2025-08-22T20:21:05.958Z","bumped":true,"bumped_at":"2025-08-22T20:21:05.958Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"We are transitioning our Single Sign-On (SSO) system due to a change in our database. We need to find the best way to link users to their existing forum accounts. Is it possible to backfill user IDs into the system so th…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":60,"name":"sso","slug":"sso"}],"tags_descriptions":{},"views":43,"like_count":0,"has_summary":false,"last_poster_username":"BlueTigger87","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":null,"is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":155765,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Sometimes toast the message “you were logged out”","fancy_title_localized":false,"locale":"en","id":372722,"title":"Sometimes toast the message \"you were logged out\"","slug":"sometimes-toast-the-message-you-were-logged-out","posts_count":10,"reply_count":4,"highest_post_number":11,"image_url":null,"created_at":"2025-07-03T06:01:52.972Z","last_posted_at":"2025-07-07T08:36:47.174Z","bumped":true,"bumped_at":"2025-07-07T13:36:07.837Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"We have a problem with keeping user logged in. \n\nWe connect discourse to our app with sso.\nLogin Success and redirect to discourse\nclick some board\npopup “you were logged out”\n\nour guess are below \n_forum_session value i…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[],"tags_descriptions":{},"views":186,"like_count":4,"has_summary":false,"last_poster_username":"RGJ","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Users experience intermittent \"logged out\" popups during search in the production Discourse environment despite consistent versions (3.5.0.beta1) across environments, and are advised to update to the latest beta release for potential fixes and security improvements.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":176597,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":1,"primary_group_id":47,"flair_group_id":47},{"extras":null,"description":"Frequent Poster","user_id":135392,"primary_group_id":null,"flair_group_id":73},{"extras":null,"description":"Frequent Poster","user_id":178716,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":406,"primary_group_id":null,"flair_group_id":142}]},{"fancy_title":"Using WordPress SSO on second WordPress site","fancy_title_localized":false,"locale":"en","id":372808,"title":"Using WordPress SSO on second WordPress site","slug":"using-wordpress-sso-on-second-wordpress-site","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":null,"created_at":"2025-07-03T16:56:28.189Z","last_posted_at":"2025-07-03T16:56:28.267Z","bumped":true,"bumped_at":"2025-07-03T17:04:15.239Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hello, I am using the Discourse plugin for WordPress to allow those WP users to log in on my Discourse site. That all is working brilliantly. \nNow, I would like to use this same WordPress SSO to allow users to log in on …","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":66,"name":"wordpress","slug":"wordpress"}],"tags_descriptions":{},"views":41,"like_count":0,"has_summary":false,"last_poster_username":"timb","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The user successfully implemented WordPress SSO for Discourse logins and now wants to extend this same SSO functionality to a second, subdomain-based WordPress site.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":70205,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Group Invites and SSO","fancy_title_localized":false,"locale":"en","id":371612,"title":"Group Invites and SSO","slug":"group-invites-and-sso","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":null,"created_at":"2025-06-25T09:04:48.441Z","last_posted_at":"2025-06-25T09:04:48.496Z","bumped":true,"bumped_at":"2025-06-25T09:45:00.531Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"I’m using Umbraco, and to enable users from our website to log in to Discourse, we’ve implemented a custom solution using DiscourseConnect. \nWe’d like Discourse admins to be able to invite users to join a private group u…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[],"tags_descriptions":{},"views":64,"like_count":0,"has_summary":false,"last_poster_username":"J_S_R","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The user is exploring the feasibility of creating shareable invite links for private Discourse groups that seamlessly integrate with their Umbraco SSO setup, potentially using DiscourseConnect or requiring custom development.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":178140,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"OAuth2::ConnectionError, Failed to open TCP connection to discord.com:443 (execution expired)","fancy_title_localized":false,"locale":"en","id":370772,"title":"OAuth2::ConnectionError, Failed to open TCP connection to discord.com:443 (execution expired)","slug":"oauth2-connectionerror-failed-to-open-tcp-connection-to-discord-com-443-execution-expired","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":null,"created_at":"2025-06-19T00:15:26.705Z","last_posted_at":"2025-06-19T00:15:26.793Z","bumped":true,"bumped_at":"2025-06-20T07:40:06.396Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"I’ve been trying to solve this issue for days and not getting anywhere. I have discord oauth set up, when you click authorize in the discord oauth prompt, instead of being directed to the homepage, you’re redirected to a…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":233,"name":"oauth2","slug":"oauth2"}],"tags_descriptions":{},"views":86,"like_count":0,"has_summary":false,"last_poster_username":"zoeyme","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"A user is troubleshooting a Discord OAuth2 setup that redirects to an error page instead of the homepage, with error logs indicating a failed TCP connection to discord.com:443.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":177808,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Using Assertion Lifespan to update SAML Groups on a regular basis","fancy_title_localized":false,"locale":"en","id":367227,"title":"Using Assertion Lifespan to update SAML Groups on a regular basis","slug":"using-assertion-lifespan-to-update-saml-groups-on-a-regular-basis","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":"https://d11a6trkgmumsb.cloudfront.net/original/4X/4/6/d/46d6f88c96d3d9fbdfd8d595efb893f2e187dc48.png","created_at":"2025-05-22T13:50:57.125Z","last_posted_at":"2025-05-22T13:50:57.233Z","bumped":true,"bumped_at":"2025-05-22T13:50:57.233Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Hi everyone, \ni was trying to automatically update the Group Assignments if they change on the IDP side. Unfortunately it only works if the User logs out and on again as the assertions are only transmitted during a login…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":[{"max_width":null,"max_height":null,"width":498,"height":262,"url":"https://d11a6trkgmumsb.cloudfront.net/original/4X/4/6/d/46d6f88c96d3d9fbdfd8d595efb893f2e187dc48.png"},{"max_width":400,"max_height":400,"width":400,"height":210,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/4/6/d/46d6f88c96d3d9fbdfd8d595efb893f2e187dc48_2_400x210.png"},{"max_width":300,"max_height":300,"width":300,"height":157,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/4/6/d/46d6f88c96d3d9fbdfd8d595efb893f2e187dc48_2_300x157.png"},{"max_width":200,"max_height":200,"width":200,"height":105,"url":"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/4/6/d/46d6f88c96d3d9fbdfd8d595efb893f2e187dc48_2_200x105.png"}],"tags":[{"id":291,"name":"saml","slug":"saml"}],"tags_descriptions":{},"views":72,"like_count":0,"has_summary":false,"last_poster_username":"BaoLe","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Discourse-saml plugin doesn't recheck assertions after login, requiring manual logout and login to update group assignments","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":176410,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"How to delete user accounts via API without IP blocking","fancy_title_localized":false,"locale":"en","id":314959,"title":"How to delete user accounts via API without IP blocking","slug":"how-to-delete-user-accounts-via-api-without-ip-blocking","posts_count":12,"reply_count":5,"highest_post_number":12,"image_url":null,"created_at":"2024-07-04T07:59:23.372Z","last_posted_at":"2025-06-14T13:20:45.550Z","bumped":true,"bumped_at":"2025-05-15T13:20:30.184Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"We have integrated Discourse with another app, and users are managed in Keycloak. When a user deletes his account in the other app, we also delete it via API in Discourse. \nWorks fine, but the user’s IP is then blocked a…","visible":true,"closed":true,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":330,"name":"rest-api","slug":"rest-api"}],"tags_descriptions":{"rest-api":"Topics about making an external request to Discourse"},"views":288,"like_count":8,"has_summary":false,"last_poster_username":"system","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Discourse user deletion via API can prevent IP blocking with `block_ip: False`, but `block_email: False` may not always prevent email screening due to edge cases requiring a separate request to unblock emails.","is_nested_view":null,"has_accepted_answer":true,"can_vote":false,"posters":[{"extras":null,"description":"Original Poster","user_id":134770,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster, Accepted Answer","user_id":103315,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":15209,"primary_group_id":null,"flair_group_id":142},{"extras":null,"description":"Frequent Poster","user_id":175970,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":-1,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Triggering automatic authentication via OIDC when linking to private topics?","fancy_title_localized":false,"locale":"en","id":364411,"title":"Triggering automatic authentication via OIDC when linking to private topics?","slug":"triggering-automatic-authentication-via-oidc-when-linking-to-private-topics","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-05-01T18:08:55.750Z","last_posted_at":"2025-05-03T23:08:06.470Z","bumped":true,"bumped_at":"2025-05-03T23:08:06.470Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"I’m trying to get the functionality specified in this thread, but with OIDC. This thread seems to only be related to DiscourseConnect, and when I attempt the same thing for our OIDC config, it doesn’t work. Does anyone h…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":60,"name":"sso","slug":"sso"},{"id":243,"name":"openid-connect","slug":"openid-connect"}],"tags_descriptions":{},"views":92,"like_count":1,"has_summary":false,"last_poster_username":"tyler.lamparter","category_id":24,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"OIDC automatic authentication is achieved by adding ?origin=/c/:categoryId to the auth URL, such as https://connective.celigo.com/auth/oidc?origin=/c/11.","is_nested_view":null,"has_accepted_answer":false,"can_vote":false,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":154769,"primary_group_id":null,"flair_group_id":null}]}]}}