Xperience provides various options that you can use when setting up registration and authentication on your websites.
LIVE SITE – available for the live site.
ADMINISTRATION – available for the Xperience administration application.
ASP.NET Identity authentication LIVE SITE
For the live site, Xperience provides an integration API based on ASP.NET Identity.
The site's developers need to implement actions that allow visitors to sign in and out of the website with Xperience user accounts.
Third-party authentication services, such as Facebook, Google, or OpenID, can provide an alternative way for users to sign in and register on your site.
For more information, see Configuring external authentication.
Forms authentication ADMINISTRATION
Forms authentication stores user names and passwords in the database and requires users to register on your site before they can sign in.
Multi-factor authentication ADMINISTRATION
Multi-factor authentication uses a combination of forms authentication and one other security factor. For example, a passcode generated by a mobile application or sent by SMS, email, etc.
Windows Active Directory ADMINISTRATION
The Windows AD authentication gets user identity from the network credentials and automatically creates a corresponding user in the database, including the user’s roles (if they exist in the Xperience database). Users are not required to enter their user names and passwords when signing in to the administration interface.
Custom external authentication ADMINISTRATION
If you want to retrieve user and role information from an external source, such as a custom database, you need to write a custom authentication provider. The provider must ensure the submitted user credentials are checked against an external user profile or authentication source. If the user is successfully authenticated, a corresponding user account is automatically created/updated in the Xperience database.
You can integrate a custom authentication provider with the Xperience administration via system security events.