Request access token

Overview

You authenticate in Sitefinity CMS OData RESTful API services by acquiring a bearer token and sending it with all requests to the OData services. This article describes how to authenticate in Sitefinity CMS to interact with protected OData routes with the Default authentication protocol.

Before sending the request to the server, you have to configure Sitefinity CMS advanced settings. Afterwards, you can request a bearer token.

JSON
{
    "access_token": "bearer token value string omitted for brevity",
    "expires_in": 36000,
    "token_type": "Bearer"
}

Default authentication protocol settings

  1. In Sitefinity CMS backend, navigate to Administration » Settings » Advanced.

  2. In the left pane, expand Security.

  3. In AccessControlAllowOrigin, enter the URL of your server or app, or enter * for all.

    IMPORTANT: Entering * allows access from all origins, which is considered a security risk.

  4. Save your changes.

  5. In the left pane, expand Authentication » OAuthServer.

  6. Click AuthorizedClients » Create new.

  7. Fill out the required fields. For example, enter the following:

    1. In ClientId, enter postman
    2. In Secret, enter secret
  8. Save your changes.

  9. Restart your Sitefinity CMS instance.

NOTE: If you are in a load-balanced environment, make sure to apply these steps to all necessary nodes.

Request a bearer token with the Default protocol

If you are using the Default authentication protocol to authenticate to a RESTful API service, use the following request to obtain a bearer token that you can afterwards use in subsequent requests.

Sample request

POST http://mysite.com/sitefinity/oauth/token

Request headers
Text
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip, deflate, br
Connection: keep-alive

Request body
JSON
{
    "username": "myUserName@mail.com",
    "password": "myVeryStrongPassword8*",
    "grant_type": "password",
    "client_id": "postman",
    "client_secret": "secret"
}

Sample response

Status code: 200 OK
JSON
{
    "access_token": "bearer token value string omitted for brevity",
    "token_type": "bearer",
    "expires_in": 1799,
    "refresh_token": "9e06fe5b-5523-de88-8cd5-f5c1f2918fdb"
}

Use the bearer token in a request

Once you have obtained the bearer token, you must add it as a request header to all requests that require authentication, in the following way:

Authorization: Bearer {{token_value}}
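
The token request and the Authorization header described above, as an added Python example that is not part of the original article or Sitefinity's own code. It assumes the request-body fields are sent form-encoded, as the Content-Type header indicates, and that the site is reached over HTTPS; the function names and the SF_* environment variable names are hypothetical.

```python
import json
import os
import urllib.parse
import urllib.request

TOKEN_PATH = "/sitefinity/oauth/token"  # endpoint path from the sample request


def build_token_request(base_url, username, password, client_id, client_secret):
    """Build (without sending) the password-grant POST shown on this page."""
    if urllib.parse.urlsplit(base_url).scheme != "https":
        # Assumption of this example: password and client secret only travel over TLS.
        raise ValueError("token endpoint must be reached over https")
    fields = {
        "username": username,
        "password": password,
        "grant_type": "password",
        "client_id": client_id,
        "client_secret": client_secret,
    }
    # Content-Type is application/x-www-form-urlencoded, so the fields are
    # form-encoded (characters such as @ and * are percent-escaped), not sent as JSON.
    body = urllib.parse.urlencode(fields).encode("ascii")
    return urllib.request.Request(
        base_url.rstrip("/") + TOKEN_PATH,
        data=body,
        method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )


def parse_token_response(raw):
    """Check the token response; return (Authorization header dict, lifetime in seconds)."""
    doc = json.loads(raw)
    # The samples on this page show both "Bearer" and "bearer", so compare case-insensitively.
    if str(doc.get("token_type", "")).lower() != "bearer" or not doc.get("access_token"):
        raise ValueError("unexpected token response")
    return {"Authorization": "Bearer " + doc["access_token"]}, int(doc["expires_in"])


def fetch_auth_header(base_url):
    """Send the request; credentials come from hypothetical SF_* environment variables."""
    req = build_token_request(
        base_url,
        os.environ["SF_USERNAME"], os.environ["SF_PASSWORD"],
        os.environ["SF_CLIENT_ID"], os.environ["SF_CLIENT_SECRET"],
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return parse_token_response(resp.read())
```

Pass the returned header dictionary with every request to a protected OData route, and request a new token once the returned lifetime has elapsed.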
