Security and authentication
Securing the content of your website and making sure the right users have access to the right features and privileges is crucial for a content management system. With Sitefinity CMS, you have a variety of options how to control security and authentication to your website and its content. In addition, you can fine-tune these settings to suit your custom scenarios.
Sitefinity CMS uses claims-based authentication, but according to your needs, you can switch to other authentication models. For example, you can switch to forms authentication or set up SSO or external STS login.
You can create and manage all users that have authentication to access Sitefinity CMS and its content. You can specify user details, password requirements, and create user profiles to simplify user management. For example, you can display different information for users or different groups of users.
You can also group users by the set of privileges they have, or, by role. Roles are an efficient way to manage permissions for groups of users as they classify users with similar characteristics and responsibilities. Roles also determine which parts of Sitefinity CMS a user can view. You can edit or delete the built-in Sitefinity CMS user roles or create new ones.
Once a user with a specific role is granted access to a specific part of Sitefinity CMS, they need permissions to do perform activities other than navigation. Permissions are rights that define the type of actions a given user can perform. To manage permissions, you can assign permissions not only to users and roles, but also on global or section level, as well as for individual items.
You can configure administration settings covering a range of security and authentication aspects.
Last, but not least, you have the option to manage all security and authentication related implementations and settings programmatically using the Sitefinity CMS API and its dedicated interfaces for security features and characteristics.