Posts

Showing posts with the label Authorization

OAuth 2.0 and OpenID implementation in Sitecore Website

Hello everyone. In this blog we will see how to implement OAuth 2.0 and OpenID for authentication and authorization. In the previous blog post we discussed what OAuth 2.0 and OpenID are and how Sitecore uses them for authentication and authorization. This blog will give you a basic idea of how we can follow Sitecore's approach to integrate a third-party identity provider. So let's get started. I would recommend everyone read my previous article on OAuthAndOpenID.

The first step is to create a client page with a login button. This button will be responsible for transferring you to Identity Server. We will see how Sitecore does it and will try to use the same logic for our login button. Create a Login Controller. This controller will give us the required SignInInfo details, which will be passed to Identity Server. You can refer to the code below. We have created a Login action method which calls the GetSignInInfo method to get the identity url protected readonl...

Understanding OAuth 2.0 and OpenID Connect with Sitecore

Hello everyone. In this blog we will try to understand the concept of federated authentication and authorization and see how Sitecore uses these concepts to perform authentication and authorization. Let's begin. We will look at basic terminology such as OAuth 2.0, OpenID Connect, etc., which is mostly used in implementing the federated login mechanism.

OAuth 2.0: OAuth 2.0, which stands for “Open Authorization”, is a standard designed to allow a website or application to access resources hosted by other web apps on behalf of a user.

OpenID: OpenID is a unified user identification method released as an open standard that essentially acts as a single user identification system that can be used across multiple websites. It is a wrapper made on top of OAuth 2.0 which provides the functionality of authentication.

Resource Owner: The user who is trying to log in to an application.

Client: An application which provides the interface where the user can click on the Sign In button.

Authorization Server ...