Tech & integration

Single Sign-On (SSO)

Authentication setup that lets readers use one account across the publisher's site, paywall, comments, debates and newsletters, instead of creating a separate account for each function.

  • Updated May 13, 2026
  • Topic SSO comments · single sign-on news · OAuth news publisher

Single Sign-On (SSO) is the authentication pattern that allows a reader to log in once on a news site and access all its features, articles behind the paywall, comments, debates, newsletters, customer service, with the same account. In a press context, SSO is the link between your subscriber database and any third-party tool (including a comment system) that needs to know who the reader is.

Why SSO matters for a comment system

Without SSO, a reader who pays €15/month for your subscription and wants to comment has to create another account on your comment vendor. This is the single biggest source of friction in commenting funnels, Milenio measured that dropping the double login increased participation by ~150% in year one.

With SSO :

  • The subscriber is already authenticated; commenting is one click away.
  • The reader account stays in your database (first-party data), not the vendor’s.
  • The paywall and the comment system share the same identity, premium comments, subscriber-only debates, paywalled archives all become possible.
  • GDPR compliance is simpler : one account, one consent, one deletion request.

How Logora SSO works

Logora supports the modern authentication standards out of the box :

  • OAuth 2.0 / OIDC, most common path, your IdP issues a token, Logora trusts it.
  • JWT, for stateless setups, including backchannel logout (added in April 2026).
  • Custom integrations, for publishers with legacy auth, we ship a thin adapter.

Integration is typically 2 hours of work on the publisher’s tech side. The first call discusses the auth stack, we send the snippet + the OAuth client config, the team plugs it in. Same setup we shipped at Der Spiegel, Sud Ouest, Milenio, Krone.

Common SSO pitfalls

  • Token expiration mismatched with reading time, readers logged out mid-debate. Fix : refresh tokens, or session expiry aligned with newsroom reading patterns (15-30 min).
  • Logout not propagated across systems, fixed in Logora April 2026 release with backchannel-logout support.
  • Per-locale auth for multi-country groups (Ringier, Mediahuis). Logora handles multi-tenant SSO via the application settings.

The full setup is detailed in our tech specs, typical SSO integration takes the same 1.5 days as the overall Logora rollout.

← Back to the lexicon
User guides
Moderation Best practices Moderation charter
Examples
Use cases Documentation Administration panel
About us
Team Blog Partners Positioning Contact
Legal
Legal Mentions Terms Privacy
No tracking cookies. Sovereign infrastructure on OVH (France).
Created for democracy by Logora
⌘K / Ctrl+K to open