Secure SSO
Production-grade identity. Your server HMAC-signs a base64 user payload; the widget verifies it before trusting any session. Pair with the node-express reference server.
Mode · HMACStatus · idle
app/secure-sso/page.tsx
'use client';
import { useEffect, useState } from 'react';
import { FastComments } from 'fastcomments-nextjs';
import type { FastCommentsSSO } from 'fastcomments-typescript';
export default function SecureSSOPage() {
const [sso, setSSO] = useState<FastCommentsSSO>({
loginURL: 'https://example.com/login',
logoutURL: 'https://example.com/logout',
});
useEffect(() => {
// Your server HMAC-signs a base64 user payload
fetch('/sso-user-info')
.then((r) => r.json())
.then((info) => setSSO((s) => ({ ...s, ...info })));
}, []);
return (
<FastComments
tenantId="demo"
urlId="nextjs-demo-secure-sso"
sso={sso}
/>
);
}