Is there any way that our Mondo and Mondo Community accounts could be linked to one another (by email address perhaps) so as to automatically log us in to the community when we use it through the Mondo app? Would be a great time saver.
We’d love to! You’ll have to hassle @ole though There’s so much we want to build and so it’s difficult to prioritise this as much right now
I would also love this!
I think Discourse has support for single sign-in
Indeed it does! A little strange to add in later when you have some accounts in and some out of the SSO but in my experience, it works beautifully.
Maybe as an option rather than compulsory. A certain new bank (Fidor) have had people in their community who have expressed dislike for linking their bank and community accounts.
The main thing with implementing SSO would be ensuring that the Mondo user IDs do not become enumerable. Any potential future security vulnerabilities are made much worse by having a long list of user IDs to attack.
Indeed, I’ve found many services where the main site had proper rate limiting and lockouts but their integration with a 3rd party (it’s usually support but same issue with forums) had no such limitations and I could run thousands of emails through in just a few seconds.