The Default protocol uses claims authentication and allows implementing single sign-on and access control for modern web applications and APIs. It supports OAuth2's authorization code, implicit, and resource owner password credentials flows. For machine to machine communication you can use Access Keys which is the alternative to client credentials flow. For more information, see Generate access key. This integration allows easy connection with clients such as mobile, web, SPAs, and desktop applications. It is also extensible and allows integration in new and existing architectures.
The authentication is designed and implemented as separate Microsoft OWIN / Katana component. It uses standard Microsoft.Owin.Security libraries-. Additionally, there are some extensions to support external provider logins, such as Facebook or LinkedIn.
Microsoft.Owin.Security
Increase your Sitefinity skills by signing up for our free trainings. Get Sitefinity-certified at Progress Education Community to boost your credentials.
The free standalone Web Security lesson teaches administrators how to protect your websites and Sitefinity instance from external threats. Learn to configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.
The free on-demand video course teaches developers how to use Sitefinity .NET Core and leverage its decoupled architecture and new way of coding against the platform.
To submit feedback, please update your cookie settings and allow the usage of Functional cookies.
Your feedback about this content is important