Disallow viewing forums for users with SSO
Hi,
Let's say I have 2 forums in my account (1 and 2) for two different organizations. Users from the first organization are redirected to forum 1 by the widget, and users from the other organization are redirected to forum 2. They shouldn't be able to see the other forum. That is why I have set 'allowed_private_forums' in the SSO token, with only forum 1 set for organization 1, and only forum 2 for organization 2 (determinated by our software). My privacy settings for both forums are:
Somehow it is still possible for a user from organization 1 to see and post to forum 2 if they know the url. Is this a bug in SSO, or am I doing it wrong? I hope it is possible to fix. Thanks for your reply.
Hello Robert,
Just disable "Allow access to this forum for users who authorized with SSO". It does mean all SSO users have access to this forum!
If you provide access through allowed_private_forums it is enough.