Federated logins

Federated (or claims based) authentication provides your site with the ability to use a third party identity provider to authenticate users.  The identity provider can be a fully independent system, currently Yahoo and Microsoft LiveID are supported. Alternatively you can enable your own active directory to be an identity provider also.

More details on federated logins and how they fit into the general Sitekit authentication options.

In terms of configuration the login and logout are created by embedding two new magic words on the relevant templates. Federated authentication is an option for both deployed and hosted systems

The site settings are below:

1. Master user group - the master user group that all federate users will belong to. This
2. Federation realm - This is the domain the federation server expects the authentication request to come from.
3. Federation metadata XML URL - The main configuration file. Used to define certification and the endpoints below on the ACS federation server
4. Passive URL - read only, updates from the metadata XML filer above on clicking 'install'
5. Signing Entry ID - read only, updates from the metadata XML filer above on clicking 'install'
6. Install button- updates the CMS held endpoints above and stores them locally, update the last refreshed date and time displayed alongside the button.
7. Claims to Sitekit User field name mappings - these are used to provide mappings between what is returned from the claims based authentication and the relevant Sitekit user fields.