Differences

This shows you the differences between two versions of the page.

Link to this comparison view

documentation:2.1:applications:discourse [2019/02/21 17:20] (current)
maxbes created
Line 1: Line 1:
 +====== Discourse ======
  
 +{{ :​applications:​discourse.jpg }} 
 +
 +===== Presentation =====
 +
 +[[https://​www.discourse.org/​|Discourse]] is a conversation-oriented forum engine ​
 +
 +Discourse supports [[https://​meta.discourse.org/​t/​official-single-sign-on-for-discourse-sso/​13045|its own Single-Sign-On scheme]] but is also compatible with standard protocols such as SAML and OpenID Connect, through plugins. ​
 +
 +This documentation illustrates the OpenID Connect plugin.
 +
 +First, make sure you have set up LemonLDAP::​NG 's [[../​openidconnectservice|OpenID Connect service]] and added [[../​idpopenidconnect|a Relaying Party for your Discourse instance]]
 +
 +Discourse can use the following OpenID Connect attributes to fill the user's profile:
 +
 +   * name
 +   * email
 +   * given_name
 +   * family_name
 +   * preferred_username
 +   * picture
 +
 +Make sure you create a username and password for the Relying Party, and that the discourse callback URL is allowed : https://​discourse.example.com/​auth/​oidc/​callback
 +
 +===== Discourse configuration =====
 +
 +==== Plugin installation ====
 +
 +Install the [[https://​meta.discourse.org/​t/​openid-connect-authentication-plugin/​103632|Discourse OpenID Connect Plugin]] according to these instructions
 +
 +==== Plugin configuration ====
 +
 +Browse to your Discourse admin interface, and to the plugin settings
 +
 +  * openid_connect_enabled:​ //Yes//
 +  * openid_connect_discovery_document:​ https://​auth.example.com/​.well-known/​openid-configuration
 +  * openid_connect_client_id:​ //Client ID you chose when configuring the Relying Party//
 +  * openid_connect_client_secret:​ //Client Secret you chose when configuring the Relying Party//
 +  * openid_connect_authorize_scope:​ //openid email profile//