Search Results

All Results 49
Ordenar por
Resource Type
Deployment Approach
Capability
Feature
JSON Web Tokens (JWTs)
Official Documentation
JSON Web Tokens (JWTs) JSON Web Tokens (JWTs) represent encoded data. They are compact, self-contained, and secure. There are two primary types of JSON Web Tokens: Encrypted JWT: ensures the...
Issuing JWT Access Tokens
Official Documentation
Issuing JWT Access Tokens Liferay DXP 7.4 U45+/GA45+ You can configure Liferay to issue access tokens in the JWT format from System Settings. Enabling JWT Tokens Open the Global Menu...
Using Private Key JWT (JSON Web Token)
Official Documentation
Using Private Key JWT (JSON Web Token) Liferay supports private key JWT as an authentication method for OAuth 2 clients. In this flow, the client itself creates the assertion. Liferay authenticates...
Configuring the JWT Bearer Flow
Official Documentation
Configuring the JWT Bearer Flow To use JWT Bearer as a grant type in Liferay, you must create an OAuth 2 client with the Client Authentication Method set to Client Secret Basic or Post. The client...
JSON Web Token Assertions
Official Documentation
JSON Web Token Assertions An assertion helps in sharing identity and security information across different domains. There are two uses for assertions: Authorization grants Client authentication...
Configuring Authentication Types
Official Documentation
Configuring Authentication Types Users can be configured to log in using one of three authentication types: Authentication TypeDescriptionUsed by Default? Screen NameDetermined by administrator or...
Securing Sign-In
Official Documentation
Securing Sign-In The Sign-In widget calls the various mechanisms (the portal database, an LDAP server, a SAML identity provider, or any of the ways users can authenticate) that authenticate users....
SCIM Resource Type, Service Provider, and Schema Basics
Official Documentation
SCIM Resource Type, Service Provider, and Schema Basics Liferay DXP 2025.Q2+ Liferay provides a headless API to query the SCIM resource types, service providers, and schemas available. Use the...
Security and Administration
Official Documentation
Security and Administration After installation comes configuration. There are three areas you should examine carefully before opening your system to users: Security Administration Settings ...
Client Secret JWT
Official Documentation
Client Secret JWT Liferay supports client secret JWT as an authentication method for OAuth 2 clients. In this flow, the client itself creates the assertion and signs it using the client secret....
LDAP Configuration Reference
Official Documentation
LDAP Configuration Reference To access LDAP configuration settings, open the Global Menu (Applications Menu icon) and navigate to Control Panel → Configuration → Instance Settings → Security →...
Connecting to a User Directory
Official Documentation
Connecting to a User Directory LDAP (Lightweight Directory Access Protocol) is a common user store for Liferay DXP. You can import user information from an LDAP server into Liferay or export...
Configuring User Import and Export
Official Documentation
Configuring User Import and Export The import/export settings configure mappings between LDAP and Liferay to match users between the two systems. Finding Users in Your LDAP Directory...
Connecting to an LDAP Directory
Official Documentation
Connecting to an LDAP Directory Lightweight Directory Access Protocol (LDAP) servers are common user stores for Liferay DXP. You can configure LDAP at the system scope in System Settings or at the...
SAML Authentication Process Overview
Official Documentation
SAML Authentication Process Overview Both the IdP and the SP can initiate the Single Sign On process, and the SSO flow is different depending on each one. Regardless of how it's initiated, SSO is...
Securing Liferay
Official Documentation
Securing Liferay Liferay is built with security in mind. This includes mitigation of common security vulnerabilities and exploits like those described by the OWASP Top 10 and the CWE/SANS Top 25. ...
Configuring Sign-In
Official Documentation
Configuring Sign-In By default, Liferay DXP uses the Sign In widget to authenticate users. The Sign In widget appears on the default home page at http[s]://[server-name:port]/web/guest/home. If...
Configuring Single Sign-On
Official Documentation
Configuring Single Sign-On Liferay Portal/DXP supports many ways of authenticating, from token-based solutions to standards such as OpenID Connect and SAML. With all the available options, you...
Authenticating with CAS (Central Authentication Service)
Official Documentation
Authenticating with CAS (Central Authentication Service) CAS was deprecated as of Liferay DXP 7.2 and removed as of Liferay DXP 7.4. Please use SAML instead. CAS is a widely used open source...
Authenticating with Kerberos
Official Documentation
Authenticating with Kerberos You can use Kerberos to authenticate Microsoft Windows™ accounts with Liferay DXP. This is done by using a combination of Liferay DXP's LDAP support and a web server...
Authenticating with SAML
Official Documentation
Authenticating with SAML The SAML (Security Assertion Markup Language) adapter provides Single Sign On (SSO) and Single Log Off (SLO) in your deployment. SAML works by using Identity Providers...
Configuring SAML at the Instance Level
Official Documentation
Configuring SAML at the Instance Level Each portal instance can be a SAML provider, either an Identity Provider (IdP) or a Service Provider (SP). Whichever role your DXP instance fills, you can...
Configuring SAML at the System Level
Official Documentation
Configuring SAML at the System Level Before allowing any portal instances to enable SAML authentication, you should configure it at the system level so those instances have a foundation from which...
Importing User Groups' Memberships from an External IdP through SAML
Official Documentation
Importing User Groups' Memberships from an External IdP through SAML This feature was released behind a dev feature flag. It was made Generally Available (GA) in Liferay DXP 2024.Q2/Portal GA120....
SAML Admin
Official Documentation
SAML Admin The SAML Admin panel is the best place to configure your SAML instance. Use it instead of Instance Settings to streamline your SAML administration experience. Starting from Liferay...
Configuring Liferay Authentication With Okta Using OpenId Connect
Official Documentation
Configuring Liferay Authentication With Okta Using OpenId Connect This tutorial guides you through the basic steps needed to integrate Okta, your Identity Provider (IdP), with your environment...
Configuring Liferay Authentication With PingOne Using SAML
Official Documentation
Configuring Liferay Authentication With PingOne Using SAML This tutorial guides you through the basic steps needed to integrate PingOne, your Identity Provider (IdP), with your Liferay environment...
Using OpenAM
Official Documentation
Using OpenAM Deprecated in Liferay DXP 2024.Q4/Portal GA129 OpenAM 13 is deprecated as of Liferay DXP 2024.Q4/Portal GA129. OpenAM 12 and below were deprecated as of Liferay DXP 7.2. Versions of...
Captcha API Basics
Official Documentation
Captcha API Basics Liferay provides a headless API to retrieve and submit captchas using the SimpleCAPTCHA engine. Using the /captcha endpoint from the API Explorer, you can add captchas in your...
Configuring Liferay Authentication With Auth0 Using OpenId Connect
Official Documentation
Configuring Liferay Authentication With Auth0 Using OpenId Connect This tutorial guides you through integrating Auth0, your Identity Provider (IdP), with your Liferay environment using OpenID...
Token-based Single Sign On Authentication
Official Documentation
Token-based Single Sign On Authentication Token-based SSO authentication was introduced in Liferay Portal 7.0 to standardize support for Shibboleth, SiteMinder, Oracle OAM, and any SSO product that...
Using OpenID Connect
Official Documentation
Using OpenID Connect OpenID Connect is a lightweight authentication layer that enables users to authenticate using accounts they have on other systems. It's built on top of the OAuth 2.0...
SCIM User API Basics
Official Documentation
SCIM User API Basics Liferay DXP 2024.Q1+/Portal GA112+ Liferay provides a headless API to perform CRUD operations on SCIM users to keep their identity information in sync with your company's...
Multi-Factor Authentication
Official Documentation
Multi-Factor Authentication Liferay DXP 7.3+ Multi-Factor Authentication (MFA) provides better security by requiring users to prove their identity in multiple ways, or factors. The basic user...
SCIM Group API Basics
Official Documentation
SCIM Group API Basics Liferay DXP 2024.Q1+/Portal GA112+ Liferay provides a headless API to perform CRUD operations on SCIM groups to keep their information in sync with your company's...
Fast IDentity Online 2
Official Documentation
Fast IDentity Online 2 Available: Liferay DXP/Portal 7.4+ The Fast IDentity Online 2 or FIDO2 standard allows for the use of biometrics (i.e., fingerprint readers), mobile devices, or other...
AntiSamy
Official Documentation
AntiSamy Liferay DXP includes an AntiSamy module that protects against user-entered malicious code. If your site allows users to post content in message boards, blogs, or other applications, these...
Using Multi-Factor Authentication
Official Documentation
Using Multi-Factor Authentication To enhance your installation's security, you should disable less secure, one-factor forms of authentication, such as Basic Auth, Digest Auth, and WebDAV. You can...
System for Cross-domain Identity Management (SCIM)
Official Documentation
System for Cross-domain Identity Management (SCIM) Liferay DXP 2024.Q1+ System for Cross-domain Identity Management or SCIM, is an open standard that automates user provisioning. In other words,...
Using OAuth 2.0
Official Documentation
Using OAuth 2.0 OAuth 2.0 is an industry-standard authorization protocol. Users with accounts on a Liferay-based website can share select credentials with various clients seamlessly. OAuth 2.0...