Swati Gupta (3x Sitecore MVP) | Blogs

Sitecore Custom API Issue with Federation Authentication In earlier segments, detailed in Part 1 and Part 2 of the blogs on Keycloak Integration with Sitecore, I introduced Keycloak functionality for CM login. Concurrently, I addressed a necessity to develop custom APIs for retrieving Sitecore users and roles. Following the development of custom APIs, during authentication failures, the API erroneously returned a status code of 200 instead of 401. The problem arose because API requests were being routed through the "owin.identityProviders" pipeline, which was not intended for API usage. Solution: When OWIN identifies a 401 response and the AuthenticationMode is set to "Active," it fails to capture the URL hash included in the request. Another choice is to activate the "Passive" AuthenticationMode, wherein OWIN refrains from actively intercepting 401 responses. In passive mode, your application needs to explicitly issue a Challenge to trigger the OWIN aut

 The Sitecore MVP Award celebrates the most active Community members worldwide who provide valuable online and offline expertise that enriches the community experience and makes a difference. I am pleased to announce that I have been naming a " Most Valuable Professional (MVP) " by Sitecore. After working for more than 8+ years in Sitecore it was fascinating to achieve this milestone which was my dream.  I am really thankful to everyone who has supported me in this journey and guided me. More details about the Sitecore MVP Program you can find  here