Migrating from Talk v4.x to Coral v7+: Auth strategies
Coral v7+ supports more authentication strategies than v4 out of the box with no plugins required. Read more about social authentication strategies and OIDC (new)
#
SSO in v7+In Legacy Coral, SSO authentication required:
- a service to generate JWTs
- a custom plugin to create and authenticate talk users from the JWTs
In Coral v7+, user creation and authentication is handled by Coral, to authenticate, you need to generate a JWT that matches the Coral format, sign it with the secret provided by Coral, and pass that JWT to Coral in the embed code.
Find out how to generate a signed token. Note that the fields are different:
jti
: now optionalexp
: now optionaliat
: new when the token was issuedsub
: deprecated replaced byuser.id
user.email
: new, requireduser.username
: new requireduser.id
: new required replacessub
user.badges
: new optionaluser.role
: new optionaluser.url
: new optionaliss
: deprecatedaud
: deprecated