Provide cross-platform authentication

Authenticate visitors using a variety of authentication methods, including multi-factor, social logins, OpenID, single sign-on, and more. Or integrate your own user database or authentication service.

Multi-factor authentication

Do you have strong compliance requirements (PCI-DSS, HIPAA, PDS2)? Multi-factor authentication (MFA) is being increasingly used to help prove a users’ identities by requiring them to provide at least two pieces of evidence: something they know (password), something they have (phone, token key, passcode) or something they are (fingerprint, facial recognition).  

Out of the box, you can use a combination of the more classical forms authentication and a passcode to verify the identity of a user easily. The passcodes can be generated by any authenticator application using the Time-based One-time Password Algorithm (TOTP), making it much more difficult for unauthorized persons to access your website. For the live site, you can add your own MFA functionality using ASP.NET Identity API. Multi-factor authentication is especially effective when combined with a single sign-on (SSO) solution.

Single sign-on

Single sign-on (SSO) allows a user to log in with a single ID and password to any of several related, yet independent, software systems. True single sign-on allows the user to log in once and access services without re-entering authentication factors, strengthening security even further and improving the user experience.  

With Kentico Xperience, single sign-on can be implemented to enable seamless working between your live site and the administration interface, to simplify switching between sites, or even to make accessing custom pages within your website easier using our API. 

Third-party authentication services

Have you ever been presented with the option to log in to your Google, LinkedIn, or Facebook account? If yes, then you have encountered third-party authentication. Third-party sign-on is a great alternative to the basic username/password authentication—no additional passwords! By integrating third-party services, website visitors can sign into their loyalty or commerce account on your site using an existing user account from another site or service. 

If social logins do not align with your brand, you can also easily connect to other external identity providers such as Active Directory Federation Services (ADFS), Azure Active Directory (AAD) or OpenID Connect services. 

Windows authentication and Active Directory integration

Do you prefer to integrate Kentico Xperience with your Windows Active Directory? Ideal for managing secure access to the Xperience administration application, this approach enables users on a Windows domain to log into Kentico Xperience without signing in again.  

When the system successfully authenticates a user via Windows Active Directory for the first time, it automatically creates a matching user account in the Xperience database.  

Password-based authentication

While it is not a form of authentication that security experts recommend, username/password authentication, otherwise known as forms authentication, it’s still the most used method for logging into an application or service. So if you do not have strong authentication requirements, then authenticating users, whose names and passwords are stored in Kentico Xperience using forms authentication based on the standard ASP.NET security mechanism, might just be right for you.

Claim-based authentication

Working with federated identities? Want to use your own identity service with Xperience? By using claim-based authentication you can remove the need for Kentico Xperience to perform authentication and user account management tasks. This way, account management becomes easier as you have centralizing authentication with your chosen identity service provider and avoid signing in multiple times.

Custom authentication

Kentico Xperience is known for its flexibility. Want to create your own service for authenticating users? Yes, we can support that too! Leverage an existing authentication service or user database, or customize the steps the system takes after a user signs in or out using claims or MFA.

Try Kentico

Beat the competition and start delivering results with the only digital experience platform that combines advanced capabilities, a short time to value, and ease of use.

Key features for integrations

Out-of-the-box Integrations

Benefit from prepackaged integrations.


Extensibility and APIs

Access any feature with robust and open REST API.


Integration Bus

Build connectors with the Integration Bus.


Translation Management

Connect third-party translation services and automate your translation process.



Authenticate visitors using a variety of authentication methods.


Payment Providers

Integrate your choice of payment methods and make payment an integral part of the checkout process.

Cookie consent

We use necessary cookies to run our website and improve your experience while browsing to provide you with relevant information in your searches on our and other websites. The additional cookies are only used with your consent. With your consent, we may also transmit certain personal data to marketing platforms for targeted marketing purposes.


We're sorry, but your browser is currently not supported. Try using our website in other browsers like the new Microsoft Edge, Google Chrome, or Mozilla Firefox.
Should you have any query or want to report any issue, feel free to send us an email to