LogoDOCUMENTATION

SELECT PRODUCT DOCUMENTATION

Sitefinity CMSSitefinity InsightSitefinity CloudKnowledge Base
Security
Web security module
Web security settings
Authentication
Users
Roles
Permissions
Authentication settings
Create a custom membership provider
Implement an ASP.NET SQL membership provider
Customize the email notification for password change
Best practices for Authentication
Troubleshooting Authentication
HomeAuthenticationDefault authenticationCustom authentication

Custom authentication

## Manage local accounts If you need to completely bypass Sitefinitys default password based authentication you can use the following method in Telerik.Sitefinity.Security.SecurityManager class: public static UserLoggingReason AuthenticateUser(string membershipProviderName, string userName, bool persistent, out User user)`

This method will login the user and issue all the necessary authentication cookies by just providing the username/email of the user account.
## Manage external accounts

If you are logging in users from external identity provider (IP) the usual flow is to redirect the user browser to the IP and wait for it to be redirected back to Sitefinity CMS on a special endpoint with the remote authentication result. There are some special cases that you might collect user credentials in Sitefinity CMS and relay them to the IP for verification. Regardless of the methods used you need to create a local account that is mapped to that external account. Typically the locally mapped account is created upon first login of the external user.
Custom authentication should only be implemented if there are no other option and you have the know-how to implement it securely or are using a third party library.

You can introduce a handler managed by IIS for external accounts. The IIS managed handler is the recommended approach as it is much simpler and more flexible. For more information, see IIS managed handler.

If using standard authentication protocol like OpenID Connect for external accounts consider using and customizing the built-in provider in Sitefinity CMS. For more information, see Add new or customize existing OpenID Connect authentication provider.

This section contains

Add new or customize existing OpenID Connect authentication provider
By default Sitefinity CMS comes with preinstalled OIDC external authentication provider. You can create/customize additional ones with this sample implementation.
IIS managed handler
Add an entirely custom external authentication provider to Sitefinity CMS
Want to learn more?
Enhance your Sitefinity skills by enrolling in free training sessions. Become Sitefinity certified through Progress Education Community to strengthen your professional credentials.
course-book
Get started with Integration Hub | Sitefinity Cloud
This free lesson teaches administrators, marketers, and other business professionals how to use Sitefinity Integration Hub to create automated workflows between Sitefinity and other business systems.
course-book
Web Security for Sitefinity Administrators
This free lesson teaches administrators the basics about protecting your Sitefinity instance and your sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.
course-book
Foundations of Sitefinity ASP.NET Core Development
The free on-demand video course teaches developers how to use Sitefinity ASP.NET Core and take advantage of its decoupled architecture and modern development model.
New to Sitefinity?
Get a demoPlatform overview
Documentation
About Sitefinity
Resources
Learn
New to Sitefinity
+1-888-365-2779