Sitefinity Custom 2FA Authentication

sitefinity | 2021-05-20

💡 Idea in General

  1. Create a new user in Sitefinity
  2. User receives a QR code and sets up Authenticator
  3. User logs in with username & password → Prompted for 2FA code
  4. Login Successful!

🔗 Sample Code


✅ Steps

1. Add a Custom Field to User Profile

Go to:

/Sitefinity/Administration/ProfileTypes -> Basic Profile

Add a custom field – AuthCode (ShortText) in the user profile.


2. Create a New User

  • Wait for email
  • Set up the Authenticator app on your mobile


3. Update Advanced Settings

Go to /Sitefinity/Administration/Settings/Advanced

a. **Authentication** → Authentication protocol → Set to `SimpleWebToken`  
b. **Security** → RelyingParties → Add a new record  
   - `realm="http://<host>"`, use the same key as localhost  
c. **SecurityTokenIssuers** → Add a new record  
   - `realm="http://<host>"`, use the same key as localhost


4. Update web.config with wsFederation Settings

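    <system.identityModel.services>
      <federationConfiguration>
        <wsFederation passiveRedirectEnabled="true" issuer="http://<host>/wsauth/authenticate/swt" realm="http://<host>" requireHttps="false" />
        <cookieHandler requireSsl="false" />
      </federationConfiguration>
    </system.identityModel.services>

`requireHttps="false"` and `requireSsl="false"` match the `http://<host>` realm used above. On a site served over HTTPS, use an `https://` issuer and realm and set both attributes to `true` so the token and the session cookie are not sent in cleartext.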

5. Restart Sitefinity.

6. Test Login

Go to /Sitefinity; it will route you to the sample login screen.


📌 Further enhancements:

  • Make fields configurable, such as:
      – custom field name
      – email template
  • Make it work in all Sitefinity versions (currently tested in v12.2)
