This is a discourse plugin to do Single Sign On using Auth0.
Demo: https://ask.auth0.com
- Support for Active Directory / LDAP (see animated gif)
- No matter if Discourse is on the cloud or on-prem, it will work transparently
- Support for Kerberos too (configured by IP ranges)
- Support for other enterprise logins like SAML Protocol, Windows Azure AD, Google Apps, Salesforce, etc. All supported here: https://docs.auth0.com/identityproviders.
- Support for social providers without having to add OmniAuth strategies by hand. Just turn on/off social providers (see animated gif)
- Support for Single Sign On with other Discourse instances and any other application in your account (see animated gif.
-
Create an account on Auth0 and register a new Rails application, note: ignore the rails tutorial in Auth0.
-
Run in your discourse root folder:
$ rake plugin:install repo=https://github.com/auth0/discourse-plugin name=auth0
$ rm -rf tmp public/assets
$ rake assets:precompile
-
Login as an adminstrator to your discourse setting using one of the pre-existing auth plugins.
-
Configure the Auth0 plugin in the admin section
- Enjoy!
You can keep using Discourse Login dialog and integrate only a specific connection from Auth0. It will show up as another button like the social providers.
Go to admin site settings for Auth0 and change the auth0_connection with the connection name you want to use from Auth0.
$ RAILS_ENV=production bundle exec rails c
$ u = User.find_by_email('the-email-you-want-to-make-admin@whatever.com')
$ u.admin = true
$ u.save!
- Add a plugin UI on the Admin section ot configure the secrets, etc.
- Add support for using Discourse Login user/password input to call Auth0 on AD/LDAP connections using auth0.js
MIT - 2014 - AUTH10 LLC