Discord Authentication
Follow these steps to enable “Sign in with Discord” on your Spokes application.
1. Get Discord Credentials
Section titled “1. Get Discord Credentials”- Go to the Discord Developer Portal and click New Application.
- Name your app (e.g., “Spokes Login”) and click Create.
- Go to the OAuth2 tab in the left sidebar.
- Under Redirects, click Add Redirect and enter your exact Spokes callback URL:
https://<your-spokes-domain>/callback - Copy your Client ID.
- Click Reset Secret and copy your Client Secret.
2. Add Provider to Spokes
Section titled “2. Add Provider to Spokes”- Log into your Spokes admin account
- Navigate to the Members & Groups page (your-server-url.com/Organization).
- Click the Open Casdoor button in the top right corner to access the Casdoor dashboard.
- Go to Identity -> Providers -> Add in the sidebar.
- Configure the following fields:
- Name:
provider_discord - Category:
OAuth - Type:
Discord - Client ID: (Paste your ID from Step 1)
- Client Secret: (Paste your Secret from Step 1)
- Name:
- Click Save.
3. Enable Discord for the Spokes App
Section titled “3. Enable Discord for the Spokes App”- Go to Identity -> Applications in the sidebar and edit the
spokesapp. - Navigate to the Providers tab -> Providers section and click Add.
- Select
provider_discordfrom the list. - Click Save at the bottom of the page.
4. Configure Registration Rules
Section titled “4. Configure Registration Rules”Depending on how open or restricted you want your server to be, there are three common ways to configure how Discord accounts are allowed to register:
Option 1: Open to Anyone
Section titled “Option 1: Open to Anyone”Anyone with a Discord account can sign in and create an account.
- While editing the
spokesApplication, go to the UI customization tab -> Signup items section. - Find the row for Invitation code and uncheck the Required box.
- Go to the Authentication tab and ensure Enable signup is toggled ON.
- Click Save.
Option 2: Restricted by Email Address
Section titled “Option 2: Restricted by Email Address”Only specific Discord emails (e.g., specific domains) are allowed to register.
- Go to Identity -> Providers and edit your
provider_discord. - Under the Email regex field, add a regular expression to match the emails you want to allow. Save the provider.
- Example (Specific Domain):
.*@yourcompany\.com$ - Example (Specific Email List):
^(user1@example\.com|user2@example\.com)$
- Example (Specific Domain):
- Go back to Identity -> Applications -> edit
spokes. - Go to the UI customization tab -> Signup items, and uncheck the Required box for Invitation code.
- Tip: To force users to ONLY use Discord and prevent manual registrations, you should make the signup link invisible (under UI customization tab -> Signin items -> Signup link) and make all items in the Signup items list invisible by unchecking their Visible boxes.
- Click Save.
Option 3: Invite-Only (Link to Existing Accounts)
Section titled “Option 3: Invite-Only (Link to Existing Accounts)”Only users who have already been invited or have an existing Casdoor account can link their Discord.
- In the
spokesApplication settings, go to the UI customization tab -> Signup items -> Invitation code and keep it checked as Required. This blocks strangers from creating new accounts. - Go to the Authentication tab and ensure Enable Email linking is toggled ON.
- Click Save. (When invited users click the Discord button, Casdoor will see their email matches their invited account and securely link them together!)
Troubleshooting Quick-Fixes
Section titled “Troubleshooting Quick-Fixes”- “Invalid OAuth2 Redirect URI” (in Discord): The Redirect URL you entered in Step 1 doesn’t exactly match your server. Double-check for typos or missing
https://. - “Failed to load callback handler” (in Spokes): Your Discord Client Secret is incorrect. Generate a new secret in the Discord portal and paste it into your Spokes Provider settings.