How to enable SSO with commento on ghost 3.6.0?

Hi everyone, I have implemented commento commenting system on my ghost blog, it was pretty straightforward and users can anonymously comment or register.

I want to leverage the SSO feature provided by commento, the documentation can be read at : https://docs.commento.io/configuration/frontend/sso.html

I presume this should be added to ghost, I am using the docker image and I am unaware of a development environment for docker other than the theme.

How can I implement the SSO in ghost so I can use commento with Gitlab, Google, Github, etc… ?

Hi @kopax

thanks for visiting my Ghost & Commento tutorial and asking the question there. I’ll respond here as well.

I think you are describing two different things:

  1. Can Ghost consume the Commento SSO method (documented above)? I believe the answer is no, I’m not aware of this feature. Essentially, Ghost should be modified to accept and handle the requests for the http://example.com/sso/commento?token=TOKEN&hmac=HMAC endpoint mentioned in the Commento documentation. This would allow Commento to work with Ghost’s own authentication system.

  2. Can either Commento or Ghost use external identity providers (such as the one you mentioned - Gitlab, Google, Github)? I believe the answer is no to both. Commento should be modified to integrate with the SSO implementation of each of the above providers (typically OAuth or OpenID Connect). Ghost should also do the same - I think there is a feature request here.

Hope this helps!

Paolo

1 Like