You authenticate in Sitefinity CMS OData RESTful API services by acquiring a bearer token and sending it with all requests to the OData services. This article describes the following ways that you can use authenticate in Sitefinity CMS to interact with protected OData routes:
Before sending the request to the server, you have to configure Sitefinity CMS advanced settings. Afterwards, you can request a bearer token.
IMPORTANT: Allowing access control to all is considered a security risk.
NOTE: If you are in load balanced environment, make sure to apply these steps to all necessary nodes.
If you are using OpenID authentication protocol to authenticate to a RESTful API service, use the following request to obtain a bearer token that you can afterwards in in subsequent requests.
Sample request
POST http://mysite.com/Sitefinity/Authenticate/OpenID/connect/token
Sample response
NOTE If you are in load balanced environment, make sure to apply these steps to all necessary nodes.
If you are using Default authentication protocol to authenticate to a RESTful API service, use the following request to obtain a bearer token that you can afterwards in in subsequent requests.
POST http://mysite.com/sitefinity/oauth/token
Once you have obtained the bearer token, you must append it to all requests that require authentication as a request header in the following way:
Authorization: Bearer {{token_value}}
Increase your Sitefinity skills by signing up for our free trainings. Get Sitefinity-certified at Progress Education Community to boost your credentials.
This free lesson teaches administrators, marketers, and other business professionals how to use the Integration hub service to create automated workflows between Sitefinity and other business systems.
This free lesson teaches administrators the basics about protecting yor Sitefinity instance and its sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.
The free on-demand video course teaches developers how to use Sitefinity .NET Core and leverage its decoupled architecture and new way of coding against the platform.
To submit feedback, please update your cookie settings and allow the usage of Functional cookies.
Your feedback about this content is important