Sitefinity 10.0 Beta Announced - Feature Previews & Betas - Feature Previews & Betas - Progress Community
 Feature Previews & Betas

Sitefinity 10.0 Beta Announced

  • Hi,

    I installed your beta version and try to configure a SSO like your documentation specify:

    I receive a error "Invalid JSON primitive" on the sitefinity client after the login

    My configuration:

    I installed 2 sitefinity version 10. All in localhost with SQL Express. One is the CMS STS and the second is the client. I don't use https.

    Can you tell me why I receive this error?

    One point  I don't understand the documentation for the configuration of the CMS STS about the 4 paragraph: "In the left pane, click Security and in ValidationKey, enter the key that you copied in Step 16 of the above procedure."

    But If I have multiple Sitefinity client which key must be copied ???

  • Hi. This error normally happens when the client application cannot obtain the metadata from the STS due to miscofiguration. I checked the documentation and it appears to have some incorrect points:

    • Point 3 - In Issuer, enter the full URL to the STS, concatinated by /Sitefinity/Auth - the path actually depends on the ServicePath configured in Settings -> Advanced -> Authentication -> SecurityTokenService. By default it's '/Sitefinity/Authenticate/OpenID', not '/Sitefinity/Auth'. You can change it to anything you want or leave it with the default value. This is the most probable reason for the error mentioned.
    • Regarding the Validation key - actually the Validation key from the STS should be copied to any client application, not the way around
    • Also there is another encryption key that should be copied too. In Advanced settings -> Authentication copy the EncryptionKey from the STS to any client application.
    • Moreover, in the STS when configuring the client you may need to configure the RedirectUris and PostLoggoutRedirectUris. Add the allowed redirect URLs for the specified client, for example ''

    Let me know if you managed to configure the SSO

  • Hello. Regarding your question about the Sitefinity roles for new Google/Facebook users there is a setting in Settings -> Advanced -> Authentication -> SecurityTokenService -> AuthenticationProviders. Select the provider and there is a setting 'Auto assigned roles'. Keep in mind that this roles will be assigned only for new users

  • Richard said:

    Does the MVC-based Widgets Tracking include custom developed MVC widgets or just OOB widgets?  If not is there code snippets we can add to custom MVC widgets to get them communicating with DEC?


    "MVC-Based Widgets Tracking
    All MVC-based widgets in the CMS can now send data to the Digital Experience Cloud out of the box..."

    Hi Richard,
    What we mean with this item is that all out-of-the-box MVC widgets are now covered with the same tracking as web forms, since previously some MVC widgets were lacking the tracking functionality provided in web forms widgets.
    If you extend any of them and replace the views and scripts, the server-side events will still work as long as the logic in the overriden model base methods is not skipped. The client-side tracking will also work as long as the calls performed by the DEC JavaScript SDK are still there. You can find more information on the tracking events here:
    For new custom widgets, you would have to utilize the DEC JavaScript SDK or .NET SDK additionally in order to configure the necessary tracking.
    I hope that helps,

  • Hi Viktor,

    No I have anymore the error but on the Client website when I'm log-in I can enter what I want like username password. And he display the user of the CMS STS. And I cannot go to the backend of the client ?!?

    Something is strange with this configuration. What I want is simple:

    A sitefinity website he would be the CMS STS  and a other sitefinity website he would be the client.

    When I log-in on the client he check if the user exist into the CMS STS if yes I'm log-in and I can see the backend of the Client CMS.

    Can you please describe me step by step the correct procedure to do that?



  • 80ff551e-37c1-6deb-a958-ff0000446526_2017-03-10_16-01-42.png


    I create a new client and follow again step by step the SSO configuration now I receive this error when I want login to my  new client (see screenshot)



  • Francis Kienlen said:
    I create a new client and follow again step by step the SSO configuration now I receive this error when I want login to my  new client (see screenshot)



    Hi. Can you enable the logging for the STS from Advanced settings -> SecurityTokenService -> IdentityServer. This will log the actual error in the Authentication log. Normally this happens when something is still not properly configured.

    Also, does this happen before or after you enter your credentials?

  • 9700561e-37c1-6deb-a958-ff0000446526_2017-03-13_11-35-30.png

    Hi Viktor,

    This log help me there's a little bit a mistake from me (clientid was wrong) and that was after I enter the credentials.

    Now I have this situation:

    - When the STS is login-in with the admin user I can use any CMS Client with  any username or password and I'm log-in why?

    - When the STS is logout and when I use one of my CMS Test Client and log-in I receive a unexpected error windows "something went wrong"

    I send you into the attachment my authentication log files from the CMS STS

    Can you please tell me why I have this issue?


  • Did you copy the EncryptionKey from the STS application to the client one located in Advanced settings -> Authentication? Because the error you get is that there is a problem with the decryption of the data sent from the client to the STS. Make sure to restart the application after updating the settings.

  • 9100561e-37c1-6deb-a958-ff0000446526_2017-03-13_15-13-48.png

    Right I don't copy the EncryptionKey now it's good and also updated correctly in Documentation '-)

    Now my new questions:

    When I log-in at first to CMS STS and when I go to the CMS Client and click on login link I see the  input box of log-in and here I can enter what I want... It's possible to be log-in immediately without see login widget? (see attachement)

    And most important how can I go to the backend from my CMS Client for create/editing pages (not the CMS STS backend)?

  • Hi Viktor,

    I found this issue, he comes from the name of the provider. A blank space was insert at the end. I fix it.

    He would be fine to insert a comment from the doc before the paragraph 18 to restart the IIS because the membership provider isn't see the first time from administration / users


    NEW Question:

    I have a CMS STS website

    I have a first client CMS TEST1 and I have a second client CMS TEST2 configure with CMS STS.

    When I'm logout from CMS TEST1 I want also that CMS TEST2 is also logout how can I do that?



  • Glad to hear that you managed to make it work.

    Regarding your question, what you want is Single Sign-Out which unfortunately is currently not supported. It may be logged as a Feature Request. 


  • If I understand you right, you want to have the same user in both Databases (CMS STS and CMS Client)? This is not recommended, as it will lead to duplicate users and this can make the authentication behave incorrectly.
  • My problem is when in future I want that the CMS Client want be standalone (not more attach to a CMS STS) how can I find my users.

    Especially If I have more than one CMS Client attach to a CMS STS. I want backup my user for each CMS client.

    Have you a solution for that?


  • Error in Sitefinity Nuget on updating?

    I'm not able to update projects with Progress.Sitefinity.Authentication. It refers to Telerik.Sitefinity.OpenAccess version 10.0.6400.0, but the correct version there should be 2016.2.822.1 ?