Sitefinity CMS can serve both as Relying Party (RP) and Identity Provider (IP). Usually, these can be one web application on the same host, but with different URLs. However, in a Single-Sign-On (SSO) scenario, these can be on different servers (applications). In both cases the communication between IP and RP is via HTTP and goes trough the client.
Authentication flow diagram
To ensure security, you must configure the following two types of certificates for Sitefinity CMS:
NOTE: Although Sitefinity works successfully on HTTP and HTTPS, we recommend to use SSL/TLS certificate for your site.
You must configure this certificate, by navigating to Administration » Settings » Advanced » Authentication » SecurityTokenService » IdentityServer » SigningCertificate.
NOTE: The certificate must have a private key and the application pool user that runs Sitefinity CMS identity provider must have rights to access it to use it for signing.
Back To Top
To submit feedback, please update your cookie settings and allow the usage of Functional cookies.
Your feedback about this content is important
Copyright © 2022 Progress Software Corporation and/or its subsidiaries or affiliates.
All Rights Reserved.
Progress, Telerik, Ipswitch, and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See Trademarks for appropriate markings.
Powered by Progress Sitefinity