In a recent project, Rick Butterfield implemented two-factor authentication (2FA) for a member login area in Umbraco 13, discovering gaps in documentation regarding recovery codes. They detailed the process of adding 2FA, including custom code for member registration and recovery code generation, ultimately achieving a functional 2FA system with recovery options.
In this guide, Nijas Hameed outlines the steps to enable SAML Single Sign-On for Umbraco Backoffice using PingID. Key prerequisites include a PingID account and the AspNetSaml NuGet package. The configuration involves adding an application in Ping Identity, setting up SAML parameters, and mapping user attributes for successful integration.
Nijas Hameed outlines the configuration of PingID SAML authentication in Umbraco, detailing steps such as setting up SAML settings in appsettings.json, creating a strongly-typed configuration class, registering services, and implementing login and response handling controllers. It emphasizes the importance of HTTPS and validates SAML responses for user authentication.
Provides authentication and authorization for media items.
In Umbraco 14, backoffice authentication transitioned from cookie-based to bearer token authentication, impacting how users authenticate outside the backoffice. The legacy UMB_UCONTEXT cookie now only facilitates OpenID Connect sign-ins and may not be permanent. Kenn Jacobsen proposes a new cookie-based authentication mechanism using OpenIddict events to manage user sessions effectively.
In today's interconnected digital landscape, leveraging Umbraco CMS as a centralized Identity Provider (IDP) enhances security and simplifies user management. By integrating Duende IdentityServer, Umbraco enables seamless Single Sign-On (SSO) and customizable authentication flows, providing scalability and robust security for growing application ecosystems.
Jacob Overgaard discusses generating a TypeScript client for Umbraco 14 and 15, emphasizing the use of the @hey-api/openapi-ts library for API requests. He outlines how to authenticate using a bearer token, set up an entry point for API configuration, and manage authorization headers for requests.