During a migration from Nested Content to Block List in Umbraco 13, Johan Reitsma encountered an issue where the `umbracoExternalLogin` table was empty due to unconfigured external login providers in `appsettings.json`. This led Umbraco to automatically remove external login records. To prevent this, it's advised to configure dummy values for external login credentials during local migrations.
In a recent project, Rick Butterfield implemented two-factor authentication (2FA) for a member login area in Umbraco 13, discovering gaps in documentation regarding recovery codes. They detailed the process of adding 2FA, including custom code for member registration and recovery code generation, ultimately achieving a functional 2FA system with recovery options.
In this guide, Nijas Hameed outlines the steps to enable SAML Single Sign-On for Umbraco Backoffice using PingID. Key prerequisites include a PingID account and the AspNetSaml NuGet package. The configuration involves adding an application in Ping Identity, setting up SAML parameters, and mapping user attributes for successful integration.
Nijas Hameed outlines the configuration of PingID SAML authentication in Umbraco, detailing steps such as setting up SAML settings in appsettings.json, creating a strongly-typed configuration class, registering services, and implementing login and response handling controllers. It emphasizes the importance of HTTPS and validates SAML responses for user authentication.
Provides authentication and authorization for media items.
In Umbraco 14, backoffice authentication transitioned from cookie-based to bearer token authentication, impacting how users authenticate outside the backoffice. The legacy UMB_UCONTEXT cookie now only facilitates OpenID Connect sign-ins and may not be permanent. Kenn Jacobsen proposes a new cookie-based authentication mechanism using OpenIddict events to manage user sessions effectively.