Back

BLOG • DIGITAL INSIGHTS

Protect ServiceStack Endpoints in Sitefinity 14.0

Sitefinity 14.0 introduced a new authentication protocol that breaks the previous approach to protecting ServiceStack endpoints. This post covers the two simple changes needed - a middleware type swap and removing the openid scope - to get things working again.

Sitefinity CMS

Note: If your Sitefinity version is prior to 14.0, or you are using OpenID authentication rather than the new default introduced in 14.0 and above, please check the older article.

What Changed in Sitefinity 14.0

Sitefinity 14.0 introduced a new authentication protocol completely rewritten from scratch, which is now the recommended approach even for upgraded projects. This change causes the code from the previous article to stop working.

The Required Changes

Fortunately, the changes needed are straightforward:

  • Change the middleware type
    From: Telerik.Sitefinity.Authentication.Owin.OpenId.SitefinityOpenIdConnectWebApiAuthenticationMiddleware
    To: Telerik.Sitefinity.Authentication.Owin.SitefinityAuthenticationMiddleware
  • Remove openid from the scope

The Updated Code

Don't forget to register the OWIN startup class in your web.config under <appSettings>:

<add key="owin:appStartup" value="SitefinityWebApp.OwinStratup" />

The key difference from the previous version is the use of SitefinityAuthenticationMiddleware resolved via TypeResolutionService - replacing the old OpenID-specific middleware type.

Related Posts

Sitecore self assessment migration tool in beta!

Planning a Sitecore migration? Our free Chameleon Self Assessment tool connects to your Sitecore ins...

What Is SAD?

SAD stands for \"Sitefinity As a Database\" - a term for Sitefinity projects done without proper exp...

What Is eVeliko 2.0?

eVeliko 2.0 marks a turning point in how Eveliko works. This post tells the honest story behind the ...

 View All Posts

Read More

Explore more insights and case studies from our team.

View All Posts Get in Touch