Swati Gupta (3x Sitecore MVP) | Blogs

Sitecore Custom API Issue with Federation Authentication In earlier segments, detailed in Part 1 and Part 2 of the blogs on Keycloak Integration with Sitecore, I introduced Keycloak functionality for CM login. Concurrently, I addressed a necessity to develop custom APIs for retrieving Sitecore users and roles. Following the development of custom APIs, during authentication failures, the API erroneously returned a status code of 200 instead of 401. The problem arose because API requests were being routed through the "owin.identityProviders" pipeline, which was not intended for API usage. Solution: When OWIN identifies a 401 response and the AuthenticationMode is set to "Active," it fails to capture the URL hash included in the request. Another choice is to activate the "Passive" AuthenticationMode, wherein OWIN refrains from actively intercepting 401 responses. In passive mode, your application needs to explicitly issue a Challenge to trigger the OWIN aut

Part 2: Keycloak Integration with Sitecore This blog will cover the process of setting up Keycloak with Sitecore content management, building upon the explanation provided in the Part 1 blog on Keycloak Integration with Sitecore . Step 1: Configure OpenID Connect Create a pipeline processor to configure OpenID connect to talk to Keycloak identity providers. public class KeycloakIdentityProvider : IdentityProvidersProcessor { protected override string IdentityProviderName => "keycloak"; private string ClientId => Settings.GetSetting(KeycloakSettings.ClientId, ""); private string ClientSecret => Settings.GetSetting(KeycloakSettings.ClientSecret, ""); private string Authority => Settings.GetSetting(KeycloakSettings.Authority, ""); private string MetadataAddress => Settings.GetSetting(KeycloakSettings.MetadataAddress, ""); private string RedirectURL => Settings.GetSetting(Ke

Part 1: Keycloak Integration with Sitecore Application security is more important on day to day basis, access management(IAM) tools ensure that only authorized individuals can access the necessary resources, while unauthorized users are denied entry. This helps protect sensitive information, prevent data breaches, and maintain regulatory compliance. What is a Keycloak? Keycloak is an identity and access management(IAM) tool. Keycloak is an open-source tool having a license of Apache license 2.0. Keycloak empowers you to swiftly secure services while minimizing time requirements and seamlessly incorporating authentication into applications. Keycloak Features SSO : Keycloak fully enables both Single Sign-On and Single Sign-Out functionalities. Admin Console :  Keycloak provides a user-friendly web-based GUI that simplifies the configuration process, allowing you to effortlessly customize your instance to align with your specific requirements. Multiple Protocols Support : Currently, Keycl