Before opening this service broadly to the community, one thing we must agree on is the way we manage authentication and permission.
Let first clarify permission.
Discourse has a specific and very interesting way for open communities to manage permission.
Someone is either a “staff” member or a “regular” user.
Regular users rely on a trust system that they build themselves by interacting with Discourse.
Staff members can be an admin in which case they have access to every possible configuration. Or they can be a moderator to moderate discussions .
I am expecting very few admins like 3-5 and as much moderator as needed.
All that to be said, we won’t have “advanced” groups needed as most of the permission should be managed by people themselves.
Now let’s look at the different authentication options.
Delegate authentication to Linux Foundation
As a Linux Foundation project, we have access to their sso
The benefits are the number of authentication methods allowed.
LF account and Google/Facebook/Linkedin/Github
Keep authentication in discourse
- No external dependencies
- We can configure Google/Github/Linkedin/Twitter/Facebook
- We use the default Discourse user registration process
- Members are allowed to delete their account
- We could reuse existing Jenkins accounts but honestly I am strongly opposed.
Keeping everything inside Discourse means no third-dependencies like having to open support on Linux foundation, and no extra work excepted the initial integration configuration. So my preference would be that one but I may miss something.
Which authentication method do we use?
- Linux Foundation
If we decide to go with the second approach and let Discourse handle authentication
then we must agree on which additional social network we want to use between Github/Linkedin/Google/Twitter/Facebook. In this case, which social network should we allow?
PS: Considering that we are currently working on invite-only to keep control on the number of registration until we decide on a method.
Feel free to provide feedback or request access here