tropic helmBOT
Hi I have issues to configure SSO via Discord. Is somebody here using Discord for SSO with a success?https://github.com/directus/directus/issues/11951#issuecomment-1651852146.
Just so you know, we have moved your message here, @amber cipher. In future, please ask questions in one of the help channels as per the server rules.
@storm folio was the person who moved it, so if there's aditional context, they will add it here for you. Your original post has been deleted.
Thanks for posting! This is a community powered server, so you may or may not get an answer based on available help and expertise. To increase your chances of somebody being able to help you, please help us help you making sure you:
When you're done with this thread, please close it. Thanks! ✨
(If you have a support agreement and need help, please contact the core team via email.)
storm folio
amber cipher
@storm folio sorry didn't realized it's moved
Btw the github issues you posted is a different problem
storm folio
Not related? it happens 😬 both questions happened top be about configuring discord SSO
storm folio
The author of that issue is here in discord tho and seems to have gotten it running, perhaps he can help shine some light on your issue
amber cipher
@storm folio can we invite him here?
@native marsh Hi, sorry to bother you. Just wanted to ask if Discord SSO works on your side?
@glass sage Hi sorry to bother you. It seems like you've been also involved on github and helped solve the issue. Any idea what could be the problem?
native marsh
<@444932960454705175> Hi sorry to bother you. It seems like you've been also inv...
never a bother if its about directus! (but there is a rule about not tagging Directus Core Staff 😉 )
I do have discord working now
I actually just finished getting it working last night
looking at the issue above
@amber cipher
this does not work:
AUTH_DISCORD_DRIVER="oauth2" AUTH_DISCORD_CLIENT_ID="string:1111111" AUTH_DISCORD_CLIENT_SECRET="1111111" AUTH_DISCORD_ISSUER_URL="https://discord.com/oauth2" AUTH_DISCORD_AUTHORIZE_URL="https://discord.com/oauth2/authorize" AUTH_DISCORD_ACCESS_URL="https://discord.com/api/oauth2/token" AUTH_DISCORD_PROFILE_URL="https://discord.com/api/users/@me" AUTH_DISCORD_ALLOW_PUBLIC_REGISTRATION="true" AUTH_DISCORD_DEFAULT_ROLE_ID="xxxx" AUTH_DISCORD_ICON="discord" AUTH_DISCORD_LABEL="Discord" AUTH_DISCORD_SCOPE="email" AUTH_DISCORD_IDENTIFIER_KEY="email"
why? because of the identifer key and scope!
also in client id it only needs quotes. string: is not needed
AUTH_DISCORD_DRIVER=oauth2 AUTH_DISCORD_CLIENT_ID="clientid" AUTH_DISCORD_CLIENT_SECRET=secret AUTH_DISCORD_AUTHORIZE_URL=https://discord.com/oauth2/authorize AUTH_DISCORD_ACCESS_URL=https://discord.com/api/oauth2/token AUTH_DISCORD_PROFILE_URL=https://discord.com/api/users/@me AUTH_DISCORD_ALLOW_PUBLIC_REGISTRATION=true AUTH_DISCORD_DEFAULT_ROLE_ID=xxx AUTH_DISCORD_ICON=discord AUTH_DISCORD_LABEL=Discord AUTH_DISCORD_IDENTIFIER_KEY=username AUTH_DISCORD_SCOPE=identify
that will do it
amber cipher
@native marsh thx I will try right away
native marsh
was the issue you were receiving before "service unavailable" by chance?
amber cipher
yep
amber cipher
yep the callback is right
native marsh
okay cool
amber cipher
Man it works
amber cipher
you are the boss
native marsh
I had to look at their oauth2 docs and pick apart what was needed. Looks like some things had changed since the last time peeps had set it up 🙂
amber cipher
thank you very much
native marsh
you are most welcome!
amber cipher
thank you again
native marsh
If you have any other SSO quirks feel free to ping me!
make sure to hit that shiny green close button 🙂
native marsh
have you implemented twitter as well?
I currently use Discord, Twitch and Github.
I will be adding Kick.com soon as they are launching their API this month (last I checked)
Twitter might be changing drasitically since its now just X
So imho I would hold off on it while they figure out their new branding
amber cipher
can you pls send me your twitter configs?
native marsh
as it might affect their api etc
native marsh
Yea elon doing some funny stuff so im assuming their API will be changing again to match the new X name
amber cipher
ok I'll close the issue now
native marsh
so like the oauth urls etc probably will change
amber cipher
thx again
native marsh
anytime!
amber cipher
@native marsh is there a way how to fetch email as well?
The discord works but it didn't save the email from the customer
native marsh
Yes. I beleive discord allows you to see the email (Ill have to double check if its an additional scope)
but you would add something like this:
AUTH_DISCORD_EMAIL_KEY = email
You can also set first name and last name. But as far as I know and someone correct me if I'm wrong, but there isnt one for avatars atm.
native marsh
I know! but I dont think there is a key to set yet. I think it would need to be a PR enhance for sso itself to be able to set the key. But I could be wrong. But its not in the directus docs explicitly
amber cipher
native marsh
is that after adding AUTH_DISCORD_EMAIL_KEY ??
amber cipher
AUTH_DISCORD_SCOPE="identify,email"
native marsh
you might be able to get away with just identify. You would make a custom callback url in the discord dev area
you would just need to set the email key one
amber cipher
ok let me try
amber cipher
Well I already had that before
native marsh
and it was posted in:
amber cipher
but that is for different use
the discord generates the link
not the settings in developer portal in discord
I have an idea
native marsh
I generated it and put it in the custom url settings for the auth link.
Let me take a look at their docs
native marsh
what did you change?
amber cipher
AUTH_DISCORD_SCOPE="identify email"
native marsh
ahhh no ,
amber cipher
not comma separated
space instead of comma
I saw the generated url %20 is for space 😉
amber cipher
now deploying to server
let's hope it will work there as well 😉
we should enhance directus docu
I'll post a PR for it
native marsh
as long as email key is set you are good!
you can also change identifier to email now if you wanted instead of username
SSO could use some updated examples for sure. Discord was a fickle one
amber cipher
will try, thx
native marsh
Yea elon doing some funny stuff so im assuming their API will be changing again ...
The @x handle mishandling was only one of the many haphazard steps involved in the rebranding of Twitter to X, owner Elon Musk’s favorite letter. According to reports, Twitter didn’t secure the intellectual property rights to the “X” brand, as Microsoft, Meta, and others have claims to various “X” trademarks. It also didn’t get permission from the city to remove the Twitter signage on the building, forcing police to stop the work. It didn’t fully update its website and app, which though now sporting an “X” still implored users to “search Twitter” or push a button to “Tweet.”
And it didn’t reach out in advance to secure the @x Twitter handle for itself, as TechCrunch recently learned.
the handle thing itself idk. but the rest is funny
storm pier
You're doing gods work @native marsh helping with these SSO issues. When I implemented the SSO functionality, I didn't put a great deal of time into the docs. My intention was to revisit it eventually and clarify things, but it never really happened 😅
I've noticed an increased number of people experiencing issues recently (usually with problems boiling down to lack of clarity in the docs), so maybe it's something the core team might want to take a look at?
native marsh
You're doing gods work <@263163420440920064> helping with these SSO issues. When...
Thank you! The implementation was written very well from the start. So absolutely bangarang work on that!
I think SSO docs could use a little love. I know it can be hard to find this page for alot of peeps which I think would help:
glass sage
It's just so vendor specific which makes it hard to fully document 😳
native marsh
It's just so vendor specific which makes it hard to fully document 😳
oh 100%. And things can change over time on the vendors end that might break the example too.
But maybe making the SSO example page a little more prominent.
maybe show examples as a sub item under SSO here might help
I know it can be found easily in search, but not everyone uses that :p
That should do it :p
