Joe Hallissey

I saw in the API reference that we can choose to have an SSO user be allowed to view a private forum: https://mercyhome.userecho.com/dev/api/forums/create


If we have multiple private forums, can we use the API or SSO to choose which forums the user has access to?


For example, when when create a new SSO user "John", can we have him access forum A, but user "Jane" accesses forum B?



Vladimir Mullagaliyev
Answer Answered
Hello Joe.
Yes, you can.
You must create private forums (manual from administrative interface or through API).
In the SSO package for your user  (https://mercyhome.userecho.com/settings/features/sso/) pass additional parameter:
allowed_private_forums: [forum_id, forum_id, forum_id]


alexander
Hi guys, 

I can't  get this to work for some reason. Whatever I send in allowed_private_forums seems to be ignored completly. 
In my test setup  http://amember.userecho.com/ I have three private forums, what I need to do is to specify what forum user should have  access at the moment, so for example if I send empty allowed_private_forums array, user should not have access to private forums at all. 
Each private forum has "Allow access to this forum for users who authorised with SSO." checkbox enabled. 
Here is example of SSO message which I sent: 
{
"guid":572,
"expires_date":"2014-02-20 14:49:48",
"display_name":"alexivanoff",
"email":"xxxxxxx@xxxx.com",
"locale":"en",
"avatar_url":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"allowed_private_forums":[29966]
}

SSO itself is working, and avatar is being accepted, but I can access all private forums, and I can post to all private forums.
If I disable "Allow access to this forum for users who authorised with SSO", I can't access forum at all. 
So what I'm doing wrong? 
Thanks in advance! Great work btw. 
Sergey Stukov
Quote from alexander
Hi guys, 

I can't  get this to work for some reason. Whatever I send in allowed_private_forums seems to be ignored completly. 
In my test setup  http://amember.userecho.com/ I have three private forums, what I need to do is to specify what forum user should have  access at the moment, so for example if I send empty allowed_private_forums array, user should not have access to private forums at all. 
Each private forum has "Allow access to this forum for users who authorised with SSO." checkbox enabled. 
Here is example of SSO message which I sent: 
{
"guid":572,
"expires_date":"2014-02-20 14:49:48",
"display_name":"alexivanoff",
"email":"xxxxxxx@xxxx.com",
"locale":"en",
"avatar_url":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"allowed_private_forums":[29966]
}

SSO itself is working, and avatar is being accepted, but I can access all private forums, and I can post to all private forums.
If I disable "Allow access to this forum for users who authorised with SSO", I can't access forum at all. 
So what I'm doing wrong? 
Thanks in advance! Great work btw. 
Option "Allow access to this forum for users who authorised with SSO" must be uncheked for all private forums.

We checked you last SSO token, it's correct and authorises to the https://amember.userecho.com/users/828507-alexivan... user. After authorisation only "Members" forum displayed and accessible.

Also add at least 1 hour to the expires_date

Please feel free to leave private request to our helpdesk, and we will be able to address and help you with issue.
 Sign in to leave a comment