How to authenticate with the SSO from an app?


i have a few domains but my main one needs the website software installed at / so i cant install any other apps and that’s fine. however some apps need to be logged in to use… and since my main domain is the “default domain” in yunohost, trying to visit any other subdomain that requires you to login forwards to the website because its the default domain. that’s also neat and all and best for security… but how would someone who’s supposed to use the SSO login use it? like my staff members need a link to login with while normal users just want to view the website.


Sooo eh, not sure what’s the question exactly.

If I understood correctly : you have a website hosted somewhere, but you would also like people to know how to easily access the SSO ? So eh, what about adding a link somewhere on your website with a link like “User Portal” pointing to the SSO portal ? Or is that not what you’re looking for ?

well, i’ll make it simple. my website is and so when staff go to they can’t login because it goes to the “default site” to login… which has wordpress on it. so they cant log in. i’d change the default site to for login… but then that triggers everyone’s email filters to block emails sent from my website because its sending from and saying its from so theres a mismatch… so i need as my main website… but i also need a way for people to login to yunohost on

tl;dr, when i go to i get forwarded to to sign in. which errors in a “404” page… how do i get my email server to be correct while also allowing people to login without a 404 error, while also keeping my website?

only staff members need to login… and the main website needs to not be a menu page. and while my domain.tld/yunohost/sso usually works, it doesn’t for wordpress… but maybe if there was a nginx proxy or something there it would work… or maybe i can make an iframe on the website for that login page to pop up? but i wouldn’t know what files i’d need to load for that…

Well on my side, doesn’t show a 404 … it shows a page with a logo and " Get Ready… Something Really Cool Is Coming Soon" … So do you get the 404 after login in or something ?

oh no that’s just wordpress’s “coming soon” feature. i guess its because i’m already signed in [but i was only able to sign in by switching default sites to then back to] and as you can see even though it doesn’t give a 404 error…you’re still not able to sign in… just try to get to a sign in on my website. and and…

my question is how can i login without having to switch “main domains” back and forth? i don’t want my email host on a blacklist but i also want to allow staff members to sign in.

From what I understand you need to set the SSO login page to Install the wordpress(the logo page) and keep the email accounts from

Please correct me if I did not get it right.

yes that is correct. however, setting the “default page” sets both email and login stuff. so setting login to makes the email server incorrect… and setting default domain to proper… makes staff unable to login. i need a middle ground here. hoping that i can use nginx somehow to make go to a login? or maybe i can set default login to and somehow change the mail server’s domain to

i know theres options i just don’t know how execute them… especially when yunohost overrides and overwrites all of this.

i was thinking maybe i would be able to set the mail server to use the right domain… then set up a domain like and have that have a “private app” that is a redirect app… so it prompts for a login… then instantly redirects you back to the main website on logging in… then it would be business as normal for me and my staff can still login and do what they need to.

yes you can.

Follow these steps:

  1. Run this command in ssh:
    yunohost tools maindomain -n
  2. Edit /etc/ssowat/conf.json.persistent and add this line:
    "portal_domain": ""
  3. Run this command in ssh:
    yunohost app ssowatconf

thank you so much!!! that works PERFECTLY! solves all of my issues in one fowl swoop! thanks so much.