Generate access key

To facilitate secure machine to machine communication, you can generate access keys that can be stored and used for authentication. With the access key you can call services, trigger events, etc. in a secure way.

The access keys are tied to user accounts. Each user can have a single access key. To use the access key, you have to create a user with the appropriate permissions and generate an access key for that user. Access keys are generated one time only, so make sure you have them properly stored once you generate them.

NOTE: As of Sitefinity CMS 15.1.8321, users created with an external identity provider cannot generate an access key.


To generate an access key:

  1. Create a user. For more information, see Create and delete users
    This user must have the appropriate permissions that are indicated in the web service. For more information, see Create a RESTful API service.
  2. Navigate to Administration » Users.
  3. Click Actions » Generate access key
    Make sure to copy the key, once you close the window it is not available again and you will have to generate a new key.
You can use the key with the X-SF-Access-Key header.

Increase your Sitefinity skills by signing up for our free trainings. Get Sitefinity-certified at Progress Education Community to boost your credentials.

Get started with Integration Hub | Sitefinity Cloud | Sitefinity SaaS

This free lesson teaches administrators, marketers, and other business professionals how to use the Integration hub service to create automated workflows between Sitefinity and other business systems.

Web Security for Sitefinity Administrators

This free lesson teaches administrators the basics about protecting yor Sitefinity instance and its sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.

Foundations of Sitefinity ASP.NET Core Development

The free on-demand video course teaches developers how to use Sitefinity .NET Core and leverage its decoupled architecture and new way of coding against the platform.

Was this article helpful?