How complex is it to plug an external auth provider

arelaxend · February 8, 2020, 10:12am

Hello Ghost contributors,

How complex is it to plug an external auth provider such as Auth0 or any cloud based authentification (AWS Amplify, firebase) ?

Or best, is it easy to bypass the authentification system by providing some tokens or just a call to a function that just does “hey this user xxx is connected” directly somewhere in the code ?

Cheers, A.

DavidDarnes · February 25, 2020, 9:09am

Hey @arelaxend, can I ask what you’re trying to achieve with Ghost by using an external auth provider?

ceecko · March 1, 2020, 8:03am

We’d love to have a single sign-on experience, but couldn’t find a way to do it natively in Ghost

rosnovsky · March 25, 2020, 2:29am

Hey team!

I’m in the same boat: with introduction of Members (fantastic feature!) I must find a way to integrate the members that I already have elsewhere (in my case, they are in https://auth0.com) and let them login with their prefered method and existing credentials. It would also allow users to login their way (social, SSO/SAML, passwordless SMS, with/without MFA, etc).

Basically, it’s just delegating authentication flow to an external service, getting an access token and an id_token back from them, and using these items as usual.

As I work for a company that does exactly this (we do identity management), would it be possible to collaborate with someone in some way on this integration?

Cheers!

rosnovsky · April 1, 2020, 2:05am

pinging @DavidDarnes for visibility

elijahsgh · April 1, 2020, 3:21am

I’m in the same boat: App Integrations, Auth

I would love to use an external auth provider or even use Ghost itself as an Identity Provider. I would like my members to be able to leverage SSO across several services (example: Ghost, Discourse) and ideally something like Auth0 would be great.

mrsimons · May 24, 2020, 10:33am

Did anyone here make any progress with this?
I’m currently trying to scope out hooking ghost into an app we’re working on, and it’d be super useful to be able to use firebase auth.

finn · December 4, 2020, 9:53am

It is the highest requested non-planned feature for Ghost. I suggest voting for it here:

Did anyone make progress and open source anything?

Marek_Owsikowski · June 30, 2021, 10:11am

I did a hack to bypass the email confirmation. So you filled in email &yourwishedpassword, click ok and you got a new user with the role you configured. It was not hard. Is that what you meant?

kose_mark · June 30, 2021, 3:40pm

I recently posted about this in another thread as well.
It may help to understand what could be done with Ghost code as of now.

GhostDog · January 21, 2023, 10:45am

Any updates on integrating ghost with other self-hosted auth providers? Would one us OAUTH?

Topic		Replies	Views
H1 2023 External Auth Provider / SSO / Member API Integrations & API	0	572	February 10, 2023
Leveraging 3rd party sign-in Developer help	9	1518	May 23, 2023
App Integrations, Auth Using Ghost	1	1374	December 4, 2020
SSO For Members Integrations & API	3	1334	July 14, 2023
Auth0 + Ghost: Share authentication between Ghost + custom app Developer help	4	3785	July 24, 2018

How complex is it to plug an external auth provider

Related topics