Scaling and configuring Sitecore Identity Server

Abstract

Options for scaling and configuring the Sitecore Identity Server role.

Sitecore introduced the Sitecore Identity Server (SIS) role with release 9.1. It is based on the IdentityServer4 framework and used to request and handle identity, grant access, and refresh tokens.

Installation

Use the Sitecore Installation Framework (SIF) or the Sitecore Azure Toolkit (SAT) to install the SIS role. Refer to the installation guide for your version of the platform for more information.

Scaling the Sitecore Identity Server role

The following table describes the ways you can scale the Sitecore Identity Server (SIS) role:

Scaling option

Supported

Notes

Combined instance

No

You can combine the SIS role with all other Sitecore Host roles.

Standalone instance

Yes

You can deploy the SIS role as a standalone role.

High availability and failover

Yes

You can fail over to a passive instance of the SIS role. In the event of a failover, clients might be required to log in again.

Horizontal scaling for load distribution

No

You cannot set up multiple instances of the SIS role behind a load balancer. An encrypted cookie can only be decrypted by the specific instance of the SIS role that originally issued it, which cannot be guaranteed in a load balanced setup.

Default topologies and packages

The following tables list the topologies that include the SIS role and describe how the role is packaged by default.

Sitecore Installation Framework

The SIS role is available in the following default topologies for the Sitecore Installation Framework:

Topology

Web Deploy Packages

Description

XP Single

Sitecore.IdentityServer 4.X.X rev. XXXXX (OnPrem)_identityserver.scwdp

Standalone instance of the SIS role.

XP Scaled

Sitecore.IdentityServer 4.X.X rev. XXXXX (OnPrem)_identityserver.scwdp

Standalone instance of the SIS role.

XM Scaled

Sitecore.IdentityServer 4.X.X rev. XXXXX (OnPrem)_identityserver.scwdp

Standalone instance of the SIS role.