Third party Single Sign On (SSO)

Any updates on this? I’d love to have single sign-on too!

I found how to setup single sign-on and completely disable password authentication on a self-hosted NextCloud installation. I’d like very much to do the same for Ghost, since it makes authentication so much easier and safer when you can just login with Google.

2 Likes

Hey, any update on this? Would really help expand our slew of web apps with a SSO.

I’d love to see SSO. The current sign-on process via email is terrible. I’m on Ghost Pro and often the emails won’t arrive for minutes, which is a pretty bad user experience.

1 Like

Integration for “Staff”/authors to some SAML/OAuth2 SSO providers would be of benefit to medium to large sized organizations.

Okta, LogMeIn, Azure ADFS, Google … these are some of the major SSO vendors.

This integration would allow an organization to securely manage access and to provision & de-provision authors as they come and go with the company.

Do we have a timeline of when the open source version will have this feature?

1 Like

There are no timelines. There’s no non-open-source version, all work on Ghost is open source.

1 Like

Someone mentioned here that there was SSO/OAuth support for the enterprise version. Is this true?

There’s an open invite for enterprise-plan customers to work with us on a beta implementation but so far none have needed it. Any work that is done would be in the open source version because there’s no “enterprise version”, there’s only the open source version :slight_smile:

Is there a discussion/plan about implementing OAuth2 that general open source developers such as myself can get involved in? The slack link just redirects to the forum and I see no discussions taking place in the forum for OAuth2 implementations.

work with us on a beta implementation

So is there or isn’t there a beta implementation?

It seems like there was some discussion around oauth here a while back. It also links to a slack channel which you can’t access:

The ghost(pro) plans list it as a feature, I thought?

No one at all is using SSO?

This really surprises me too. Is it just me or does it feel like there is a disconnect between non-enterprise open source community members and the devs?

I tried to roll my own a while ago but slammed into a few walls. It isn’t supported to run Ghost as an express app and use SSO libraries. I didn’t get far. I don’t remember what version I tried that on.

I’m not sure what the effort is but if they say Pro plan customers have zero interest in SSO or tokens I believe them.

Surely if this has been one of the most requested features, we’d have heard more from the developers themselves about supporting such a feature and perhaps working with community members to upstream any work?

Would any of the Ghost developers themselves care to comment on this and perhaps we can work together to resolve this?

Another open source blogging platform which allows you to self host looks like it has managed to implement OAuth:

Seems this feature is being tracked internally!

It’s in beta behind a paywall:

We’re currently working on support for using custom external authentication providers via OAuth2, and have a closed beta program for interested business plan customers.

@Kevin - so is there a closed source version of Ghost with OAuth?

I think this is where a lot of confusion is coming from. This would indicate that there is a closed source version of Ghost with OAuth2:

so is there a closed source version of Ghost with OAuth?

No, there isn’t as stated in my reply that you quoted.

This would indicate that there is a closed source version of Ghost with OAuth2:

No, it wouldn’t. I explained this earlier:

There’s a long (and constantly shifting) pipeline of potential feature work, OAuth is certainly tracked there along with everything else. All of the information about OAuth availability is here in this thread and will be added to any time there’s information to share. There’s no need to spam the forum with repeated questions trying to get different answers than the ones that have already been given.

1 Like

Wow this is one of the most voted but not planned feature on Ghost. Any plans to get this in Ghost 4.0 ?