SSO authentication
Single Sign-On settings
Single Sign-On (SSO) allows you to authenticate users via an external provider, so that they don’t need to create a separate Comentario account. There’s also an option for a non-interactive SSO login, when the authentication process happens in the background.
SSO server
For the SSO authentication you’ll need to specify an SSO server URL, which must be an https:// address.
SSO secret
The SSO secret is a randomly generated 32-byte sequence, which represents a shared secret and looks like this:
a7c0a4de68cef4f16dcce202f5ec378dd5a858a307ec3858c91742c7eccece77
It’s created by clicking the SSO secret button on the Domain properties page. When generated, this value is only displayed once, so make sure it’s safely stored.
Interactive vs. Non-interactive
Comentario supports two SSO flavours: interactive and non-interactive.
Interactive SSO authentication flow means it’s triggered by the user and requires them to do something in the popup window that appears. What exactly, depends on the SSO provider being used.
Non-interactive SSO authentication flow is very much similar to its interactive counterpart, but, as the name suggests, it doesn’t require any interaction from the user.
Single SSO provider for multiple domains
If your SSO provider is used for authentication against multiple Comentario domains, and you want to know which domain triggered the authentication, you can use one of the two options.