Single Sign-on

By default, your visitors can comment as guests, or they will need to create an HYVOR account to log in. However, if they are already logged in to your website, creating an HYVOR account is unnecessary and tedious. You can set up Single Sign-on (SSO) to allow users to log in and comment using the account they already have on your system.

HYVOR accounts and SSO accounts are different

We create a separate user account for each SSO user, which has no relation to HYVOR accounts. It is also important to note that each SSO account is associated with your website ID. If you have multiple websites, you have to implement SSO for each website separately.

Data Privacy & GDPR Compliance

When using Single Sign-on, you will be sharing user data with us, which will be handled according to our Privacy Policy. You will be sharing the user’s name and email, and optionally picture URL, website URL, and some other metadata. The email will only be used to send notifications to the user when someone replies to or mentions them. Other data will be shown publicly with the user's comment and profile.

GDPR requires you to allow users to edit and delete their data. Editing will be automatically done. For example, if the user edits their name on your website, his SSO profile will be automatically updated when he logs in again to the comments system. Deleting needs to be implemented using an API call to our Console API. When the user deletes their account on your system, call the /sso/delete-user endpoint to delete their account.

There are 2 ways to set up SSO:

How to decide?

After setting up SSO

Connect to Moderator accounts

All moderators require a HYVOR account. However, you can connect SSO accounts to a moderator's HYVOR account. This will allow them:

Console → Settings → Moderators

Connect SSO accounts to moderators in Hyvor Talk