Umbraco has built-in support for membership, where you can allow end-users of your Umbraco site to authenticate and gain access to protected pages. However, if you have more than one website, it’s unlikely that you will want your users to manage yet another set of credentials. Instead, Umbraco can use your existing SSO solution.
In this article, you’re going to see how to configure Umbraco 9 to use an external identity provider for frontend membership authentication. This approach will work for any OpenID Connect identity provider, including IdentityServer, Auth0, Azure AD, or Google.
A common Umbraco use case is to use your existing SSO solution to log into the Umbraco backoffice. For example, this could be using your custom IdentityServer solution or your company’s Azure AD. Thankfully, Umbraco 9 has significant improvements for its backoffice that enable you to use existing ASP.NET Core authentication handlers for backoffice users.
In this article, you’ll see how to use any OpenID Connect identity provider, such as IdentityServer, Azure AD, Auth0, or Okta, to authenticate users in Umbraco’s backoffice.
I’m an Umbraco MVP for 2021! 🎉
As part of the Unicore project, Rock Solid Knowledge has been helping Umbraco HQ migrate to ASP.NET Core. My contributions have been on the identity side of the project, migrating the back-office user store to use ASP.NET Core Identity, while my colleague Emma Garland worked on the member’s user store later in the year.
In recognition of my contributions, Umbraco HQ has awarded me with an Umbraco MVP title for 2021.