diff --git a/conf/nginx.conf b/conf/nginx.conf
index c7d5d44..ed3d5f2 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -11,7 +11,7 @@ location PATHTOCHANGE {
 	location ~ [^/]\.php(/|$) {
 		fastcgi_split_path_info ^(.+?\.php)(/.*)$;
 		fastcgi_pass unix:/var/run/php5-fpm-NAMETOCHANGE.sock;
-	        fastcgi_index index.php;
+	        fastcgi_index sso.php;
         	include fastcgi_params;
 	        fastcgi_param REMOTE_USER     $remote_user;
         	fastcgi_param PATH_INFO       $fastcgi_path_info;
diff --git a/conf/sso.php b/conf/sso.php
new file mode 100644
index 0000000..8ed23b1
--- /dev/null
+++ b/conf/sso.php
@@ -0,0 +1,18 @@
+<?php
+
+// Enable RainLoop Api and include index file 
+$_ENV['RAINLOOP_INCLUDE_AS_API'] = true;
+include '/var/www/rainloop/index.php';
+
+// Retrieve email and password
+if (isset($_SERVER['HTTP_EMAIL']) && isset($_SERVER['PHP_AUTH_PW'])) {
+	$email = $_SERVER['HTTP_EMAIL'];
+	$password = $_SERVER['PHP_AUTH_PW'];
+	$ssoHash = \RainLoop\Api::GetUserSsoHash($email, $password);
+
+	// redirect to webmail sso url
+	\header('Location: https://test.com/rainloop/index.php?sso&hash='.$ssoHash);
+}
+else {
+	\header('Location: https://test.com/rainloop/index.php');
+}
diff --git a/scripts/install b/scripts/install
index 81d3622..2e6f5a1 100644
--- a/scripts/install
+++ b/scripts/install
@@ -70,6 +70,17 @@ sed -i "s@domain.tld@$domain@g" ../conf/data/domains/domain.tld.ini
 sudo cp ../conf/data/domains/domain.tld.ini $final_path/data/_data_/_default_/domains/$domain.ini
 sudo cp ../conf/data/domains/disabled $final_path/data/_data_/_default_/domains/disabled
 
+# SSO
+sudo cp ../conf/sso.php $final_path/sso.php
+
+# Temporary workaround until someone finds a way to setup NGINX properly...
+sudo mkdir -p $final_path/app
+sudo mv $final_path/index.php $final_path/app/index.php
+sudo mv $final_path/data $final_path/app/data
+sudo mv $final_path/rainloop $final_path/app/rainloop
+sudo sed -i "s@index.php@app/@g" $final_path/sso.php
+sudo mv $final_path/sso.php $final_path/index.php
+
 # Set permissions to rainloop directory
 # sudo mkdir -p $final_path/logs
 sudo chown -R www-data:www-data $final_path
diff --git a/scripts/upgrade b/scripts/upgrade
index 231aaea..75f7c88 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -37,6 +37,17 @@ sudo cp ../conf/php-fpm.conf $finalphpconf
 sudo chown root: $finalphpconf
 sudo chmod 644 $finalphpconf
 
+# SSO
+sudo cp ../conf/sso.php $final_path/sso.php
+
+# Temporary workaround until someone finds a way to setup NGINX properly...
+sudo mkdir -p $final_path/app
+sudo mv $final_path/index.php $final_path/app/index.php
+sudo mv $final_path/data $final_path/app/data
+sudo mv $final_path/rainloop $final_path/app/rainloop
+sudo sed -i "s@index.php@app/@g" $final_path/sso.php
+sudo mv $final_path/sso.php $final_path/index.php
+
 # Make app public if necessary
 sudo yunohost app setting $app is_public -v "$is_public"
 if [ "$is_public" = "Yes" ];