Use Sitefinity CMS as external identity provider

You can create an MVC 5 application that has integrated individual accounts and uses the Sitefinity CMS Security Token Service (STS) as an external provider for logging in to the MVC 5 application.

IMPORTANT: Sitefinity CMS can act as an external identity provider only via the implicit client authentication flow.

Register the MVC 5 application in Sitefinity CMS

You register the MVC 5 application as a client of the Sitefinity CMS STS, using the implicit flow.
To do this, perform the following:

  1. In the Sitefinity CMS backend, navigate to Administration » Settings » Advanced.
  2. In the left pane, expand Authentication » SecurityTokenService » IdentityServer » Clients.
  3. Click Create new and fill out the form.
    1. In Client name, enter mvc
    2. In Client Id, enter mvc
    3. Select the Enabled checkbox.
    4. In the Client flow dropdown box, select Implicit.
    5. Select the Allow access to all scopes checkbox.
  4. Save your changes.
    The new client appears in the left pane, under Clients.
  5. Expand the newly created client and select RedirectUris.
  6. Click Create new.
  7. Enter the URL of your MVC 5 application and save your changes.
    For example, enter http://YourMvcSite.com
  8. Expand the newly created client and select PostLogoutRedirectUris.
  9. Click Create new.
    Enter the URL of your MVC 5 application and save your changes.
  10. Restart your Sitefinity CMS application.

Configure the MVC 5 application to use OpenIDConnect

You need to configure your MVC 5 application to use the Sitefinity CMS STS as its identity provider. When you then browse the MVC 5 application and navigate to the login screen, an OpenIdConnect button is displayed. Clicking this button redirects you to the Sitefinity CMS login screen, where you use your Sitefinity CMS credentials to log in to the MVC 5 application.

For details on how to complete the configuration, see the official IdentityServer3 documentation.

NOTE: When attaching the OpenIdConnectAuthentication middleware, make sure the ClientId matches the one you set when registering the MVC 5 application in Sitefinity CMS.

IMPORTANT: The Authority property needs to point to http://<YourSitefinitySite>/Sitefinity/Authenticate/OpenID
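
The following Startup configuration is an added example, not code from the Sitefinity CMS or IdentityServer3 documentation. It assumes the default MVC 5 individual-accounts template (with its /Account/Login path), the client Id mvc registered above, and the placeholder site URLs used on this page.

```csharp
using Microsoft.AspNet.Identity;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public partial class Startup
{
    // Placeholders taken from this page; replace them with your own sites.
    // Prefer https URLs outside local testing: with the implicit flow the
    // id_token is returned to the application through the browser.
    private const string SitefinityAuthority =
        "http://<YourSitefinitySite>/Sitefinity/Authenticate/OpenID";
    private const string MvcSiteUrl = "http://YourMvcSite.com";

    public void ConfigureAuth(IAppBuilder app)
    {
        // Local application cookie used by the individual-accounts template.
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login") // assumed template default
        });

        // Temporary cookie that carries the external identity until the
        // template's external login callback links it to a local account.
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            Caption = "OpenIdConnect",           // text of the login-screen button
            Authority = SitefinityAuthority,
            ClientId = "mvc",                    // Client Id registered in Sitefinity CMS
            RedirectUri = MvcSiteUrl,            // same value as under RedirectUris
            PostLogoutRedirectUri = MvcSiteUrl,  // same value as under PostLogoutRedirectUris
            ResponseType = "id_token",           // implicit flow: identity token only
            Scope = "openid",                    // request no more than sign-in needs
            SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie
        });
    }
}
```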
