Community Forum for OFN

Some groups would like to have a forum connected to an OFN instance. Wishlist

Discourse can be integrated into other sites using Single-Sign-On (SSO).

The Open Food Network needs a new feature to be an SSO provider for Discourse and some integration into the user interface (links to the forum, login logic).

There are several ways of managing the two logins on OFN and on Discourse.

Use Cases

Possible extensions

OFN guest

  • guest visits OFN
  • guest is not logged in on OFN
  • guest can’t see the link “Notices”

OFN user (without validated email address)

  • user visits OFN
  • user is logged in on OFN
  • user clicks on link “Notices”
  • browser opens a new tab with the Discourse homepage, but is not logged in (Discourse doesn’t let users login that don’t have validated email addresses.)

OFN enterprise user goes to Discourse

  • user visits OFN
  • user is logged in on OFN
  • user clicks on link “Notices”
  • browser opens a new tab with discourse/login, see Discourse Login

OFN admin user goes to Discourse

  • see OFN enterprise user goes to Discourse
  • Discourse user gains admin rights

Discourse Login

  • user visits discourse/login
  • Discourse checks if user is logged in already
  • Case a) user is logged in: redirect to Discourse home page
  • Case b) user is not logged in: redirect to ofn/sso
    • OFN creates an SSO token and redirects back to discourse/sso_login
    • Discourse verifies login and redirects to Discourse home page


  • [x] feature specification (3h)
  • [x] development install of Discourse (3h)
  • [x] SSO feature for OFN (5h)
  • [x] user interface integration (3h)
  • [x] production install of Discourse (3h)
  • [x] testing (3h)
  • [x] document feature / setup guide (3h)

Spent 3.7 days (22 hours).

Not included

  • user permission management: give special rights on Discourse to enterprise users on OFN

when user clicks on ‘noticeboard’ can we take them to a new tab rather than
navigating away from the page they’re on?

also, as just discussed, only enterprise users actually have their emails
validated so if discourse requires validated email we can only create
’flow-on’ users for enterprise users to start with. This is fine is mvp
case :slight_smile:

I’m just implementing the Login. What do you think about giving the following privileges:

  • OFN user -> Discourse user can read and write
  • OFN enterprise user -> Discourse moderator can edit all posts and users, but cannot add categories or change any site settings
  • OFN admin -> Discourse admin can do anything and configure anything on this site

Or would you like to give enterprise users just normal user permissions?


Hi Maikel - I think OFN enterprise users have same discourse permissions as normal OFN user.

That’s awesome @maikel! Both Norway and France would like to have a Discourse attached to the instance where we can discuss with our local community about governance, but also users questions (in our own language), sharing good practices for managing different types of hubs, etc.
Can we already do that or do we need the whole roadmap to be complete? Like I guess we need the setup guide to be able to do that in our local instance, am I right? If I understand well it’s missing 1/2 day to finish that right?
Let us know if that is already in the Australian backlog or if you need some contribution from the community to be able to finish this :smile:
Ping @CynthiaReynolds @sigmundpetersen @marito59 @Selmo @nickwhite

And just a complementary question: can we set up a Discourse now (like can I do it today) and “link” it later to a local instance? Thanks :wink:

can we set up a Discourse now and “link” it later to a local instance?

Yes, you can. Just be aware that once you link it to your OFN, you can only login with an OFN account. There will be no password login on Discourse any more, only OFN.

I was waiting for Serenity to test the new feature, but I should discuss that with the team tomorrow since Serenity is probably busy with the new family member. :smile:

@MyriamBoure We have a little plan for you. If you like, you can setup a French or Norwegian Discourse and we can link it to staging1 for now. You can then test everything and set it up as you like. Once you are happy with the new feature, we can merge it into our master branch and make a new release. And once you upgrade to that release, we can link that Discourse to your upgraded instance. What do you think?

That sounds good @maikel! But I’m not the expert in that subject… what do you think @marito59? Do you understand the tech part of it?
I like that everything will be on the same entry point: the instance website, and from there you can click on “community forum”. No problem for me that they have do be logged in OFN (but then you need a pop up in case you click on the community forum button and you are not logged in so that you can create your account), BUT can only the hub manager access the discourse, or also just regular buyers do?
I had understood that only accounts with validated emails could access Discourse, but in OFN the email is only validated if you create an entreprise… That might be a serious limitation for us, and in that case, I think it would be better not to link the Community forum to the instance…
Ping @nickwhite and @gnollet

@maikel, just to be sure I understand correctly, the SSO is implemented in OFN and will be available to our own Discourse instance when we will upgrade OFN to the release where the SSO is implemented, right ?

If yes, then, @MyriamBoure, I understand the technical details.

@marito59 Yes, that’s right. You can set the URL and the SSO secret of you Discourse instance in your application.yml file.

@MyriamBoure The current implementation works like this: If you are not logged into OFN, you don’t see the link to the community forum. If you are logged in as enterprise user, you see the link and will be logged into Discourse automatically. If you are a normal customer, you can click on the link, but you will not be logged into Discourse. You can only read, not write. If you then click the Login button on Discourse, then Discourse will send a validation email to your email address.

@marito59 @gnollet can we proceed for France the way @maikel propose, or do you want to do that differently?
@sigmundpetersen are you up to the challenge for Norway?

@MyriamBoure Yes I would like to have a go at setting up a Discourse instance. I cannot guarantee a timeframe though, a couple of weeks maybe.

1 Like

@sigmundpetersen let me know when you are ready to work on this, I would be very interested to discuss the categories and see how we can get the national discussions going about local food systems and gather the momentum to bring on new communities. Norway is ripe for a one stop shop to discuss how we can do this together and I think this is it.
Having an open discussion for users, and a closed group discussion for enterprise owners would work well for us.

@maikel the French Discourse is installed!!! Thanks to @gnollet :smile:
I had just one question: how did you imagine the UX from OFN to Discourse? A button “Discussion forum” on the top bar that would redirect to Discourse?
Also I was wondering… is I have an account in OFN already, but I have looged out. If I connect to Discourse, will Discourse “recognize” me anyway? Or may I be asked to create an account, which would be confusing, I might create another account on Discourse just because I’m not connected in OFN at the moment.
Thanks for the clarification :wink:
Ping @marito59 as well.

how did you imagine the UX from OFN to Discourse?
A button “Discussion forum” on the top bar that would redirect to Discourse?


I have looged out. If I connect to Discourse, will Discourse “recognize” me anyway?

If you are on the OFN site and not logged in, there will be no “Discussion forum” link.
If you go to Discourse directly, it could be that Discourse still remembers you. If it doesn’t remember you (last login was a while ago), then there will be a login button. If you click login, it redirects to OFN where you have to enter your username and password. After the OFN login you will be redirected to Discourse.

Once Discourse is linked to OFN, there will be no signup button on Discourse any more.

@serenity How is your testing going? Should we run the Discourse login feature through Sally and put it into production? There will be no visible change until we link a Discourse instance to our OFN site.

Ping @gnollet :slight_smile: Sounds good! Thanks @maikel!

We tested the new feature in there is one thing that needs attention.

Discourse needs confirmed email addresses for users. But the OFN doesn’t confirm email addresses of users. It only confirms email addresses of enterprises. If a user’s email address is the same as one of its confirmed enterprises’ email addresses, we count that email address as confirmed. But if a user is only the owner of enterprises with different email addresses, that user is not logged into Discourse automatically.

The solution would be to introduce email address validation on user level instead of enterprise level. Should we do that? @serenity @sstead @oeoeaio @danielle

And should we still proceed with the current Discourse feature?

Oh god please yes. See my post in Confirmation Emails and Registration Flow. This would mean we could remove the need to confirm enterprise emails altogether!!!

I think we can proceed with pushing the discourse feature and then put this email confirmation issue on table for next sprint plan?