Third party Single Sign On (SSO)

Do we have a timeline of when the open source version will have this feature?

1 Like

There are no timelines. There’s no non-open-source version, all work on Ghost is open source.

1 Like

Someone mentioned here that there was SSO/OAuth support for the enterprise version. Is this true?

There’s an open invite for enterprise-plan customers to work with us on a beta implementation but so far none have needed it. Any work that is done would be in the open source version because there’s no “enterprise version”, there’s only the open source version :slight_smile:

1 Like

Is there a discussion/plan about implementing OAuth2 that general open source developers such as myself can get involved in? The slack link just redirects to the forum and I see no discussions taking place in the forum for OAuth2 implementations.

work with us on a beta implementation

So is there or isn’t there a beta implementation?

It seems like there was some discussion around oauth here a while back. It also links to a slack channel which you can’t access:

The ghost(pro) plans list it as a feature, I thought?

No one at all is using SSO?

I tried to roll my own a while ago but slammed into a few walls. It isn’t supported to run Ghost as an express app and use SSO libraries. I didn’t get far. I don’t remember what version I tried that on.

I’m not sure what the effort is but if they say Pro plan customers have zero interest in SSO or tokens I believe them.

Surely if this has been one of the most requested features, we’d have heard more from the developers themselves about supporting such a feature and perhaps working with community members to upstream any work?

Would any of the Ghost developers themselves care to comment on this and perhaps we can work together to resolve this?

Another open source blogging platform which allows you to self host looks like it has managed to implement OAuth:

It’s in beta behind a paywall:

We’re currently working on support for using custom external authentication providers via OAuth2, and have a closed beta program for interested business plan customers.

@Kevin - so is there a closed source version of Ghost with OAuth?

I think this is where a lot of confusion is coming from. This would indicate that there is a closed source version of Ghost with OAuth2:

1 Like

so is there a closed source version of Ghost with OAuth?

No, there isn’t as stated in my reply that you quoted.

This would indicate that there is a closed source version of Ghost with OAuth2:

No, it wouldn’t. I explained this earlier:

There’s a long (and constantly shifting) pipeline of potential feature work, OAuth is certainly tracked there along with everything else. All of the information about OAuth availability is here in this thread and will be added to any time there’s information to share. There’s no need to spam the forum with repeated questions trying to get different answers than the ones that have already been given.

2 Likes

Wow this is one of the most voted but not planned feature on Ghost. Any plans to get this in Ghost 4.0 ?

1 Like

This is a pretty critical feature. I’d love to see auth enabled for at least the major SSO providers, google, twitter, facebook, github…

Personally I really would love to see google and allow auto mapping to particular roles for SSO users.

2 Likes

has anyone explored this path for getting SSO to work?

4 Likes

Would love to see this. Would reduce a lot of issues I have with losing readers via the double opt-in.

2 Likes

Yes please, the One Tap Google Sign in would be neat for our users experience. Having to go through the email verification process sucks. Sign In With Google  |  Google Developers

1 Like

We really need this, does anybody have progress on that?

Feel free to check out my product, GoPilot, that allows you to use Google and other social sign in providers to login to self-hosted Ghost.
(Admin, please remove my post if you think it’s not appropriate)

3 Likes