Enable Sitecore-integrated federated authentication

Version: 22.x

When running a JSS application in integrated mode, you can use the Sitecore built-in Owin support to delegate authentication and map users into the Sitecore security model.

Note

This approach does not work in headless or connected modes, because it depends on browser requests directly to Sitecore.

To enable federated authentication:

  1. Refer to the documentation on Using federated authentication with Sitecore for some configuration steps.

  2. Configure federated authentication with a provider of your choice.

  3. Extend the Layout Service context to add Sitecore-generated login URLs to the Layout Service output.

    Tip

    Refer to the documentation for Extending context data returned by the Layout Service.

    For example:

    RequestResponse
    using System.Linq;
using Sitecore.Abstractions;
using Sitecore.LayoutService.ItemRendering.Pipelines.GetLayoutServiceContext;
using Sitecore.Pipelines.GetSignInUrlInfo;

public class AddLoginLinks : Sitecore.JavaScriptServices.ViewEngine.LayoutService.Pipelines.GetLayoutServiceContext.JssGetLayoutServiceContextProcessor
{
    protected readonly BaseCorePipelineManager CorePipelineManager;
    protected readonly BaseLinkManager LinkManager;

    public AddLoginLinks(Sitecore.JavaScriptServices.Configuration.IConfigurationResolver configurationResolver, BaseCorePipelineManager corePipelineManager, BaseLinkManager linkManager) : base(configurationResolver)
    {
        CorePipelineManager = corePipelineManager;
        LinkManager = linkManager;
    }

    protected override void DoProcess(GetLayoutServiceContextArgs args, Sitecore.JavaScriptServices.Configuration.AppConfiguration application)
    {
        var returnUrl = LinkManager.GetItemUrl(args.RenderedItem);
        var loginUrlArgs = new GetSignInUrlInfoArgs(site: "JssReactWeb", returnUrl: returnUrl);
        GetSignInUrlInfoPipeline.Run(CorePipelineManager, loginUrlArgs);
        if (loginUrlArgs.Result.Any())extend the Layout Service context
        {
            args.ContextData.Add("loginUrls", loginUrlArgs.Result);
        }
    }
}

  4. Verify you have the desired output returned from the Layout Service. Based on the customization in the previous step, the JSON data returned from the Layout Service should contain:

    RequestResponse
    loginUrls: [
    {
        identityProvider: "Auth0",
        caption: "Log in with Auth0",
        icon: "/sitecore/shell/themes/standard/Images/24x24/helloworld",
        href: "/identity/externallogin?authenticationType=Auth0&ReturnUrl=%2fidentity%2fexternallogincallback%3fReturnUrl%3d%252fservices%26sc_site%3djssreactweb%26authenticationSource%3dDefault&sc_site=JssReactWeb"
    }
]

Do you have some feedback for us?

If you have suggestions for improving this article,