Sitecore Security Domains: A Guide to Managing User Access and Permissions
Sitecore is a powerful content management system that allows organizations to manage their digital content effectively. However, with great power comes great responsibility, and security is a critical aspect of any CMS. Sitecore provides several security domains to help organizations secure their content and ensure that only authorized users can access it.
1. Authentication Domain: This domain is responsible for authenticating users and verifying their identity. Sitecore supports various authentication providers, including Active Directory, LDAP, and custom providers.
2. Authorization Domain: This domain is responsible for controlling access to Sitecore content. It allows administrators to define roles and permissions for users and groups, ensuring that only authorized users can access specific content.
3. Domain Access Rights: This domain is responsible for controlling access to specific domains within Sitecore. It allows administrators to define access rights for users and groups, ensuring that only authorized users can access specific domains.
4. Security Accounts Domain: This domain is responsible for managing security accounts within Sitecore. It allows administrators to create and manage user accounts, groups, and roles, ensuring that only authorized users can access Sitecore content.
5. Encryption Domain: This domain is responsible for encrypting sensitive data within Sitecore. It ensures that data is protected from unauthorized access and provides an additional layer of security for Sitecore content.
Domain Manager:
The domain is nothing but a collection of users and roles as security accounts. Domains are used to identify the Users which are defined in User Manager. The user name is also defined using the site’s domain.
There are some default domains available; “Extranet”, “Sitecore”, and “Default”.
How do We create a domain in Sitecore?
Create a domain
- Go to Sitecore–> Launchpad and click Domain Manager.
- In Domain Manager, in the Domains group, click New.
- It will open a dialog modal, enter the name of the domain and, if you want the domain to be managed locally, select the Locally Managed Domain check box.
- And click OK.
Here, in the same way, we can also do “Edit” for updating newly created domains
And we can also “Delete” domains using the Delete icon on the Domain Manager screen,
It will ask for confirmation while deleting a particular Domain as like below,
Whenever click on the “OK” button, the selected domain will remove from the domain manager list, also it will have removed from Site Settings from Sites where we have to select the particular domain for newly created sites.
When we create a new site under than Tenant folder in Sitecore SXA, that time we have to define the Domain for that site.
By default, it will take “extranet” as the default domain for that newly created site. We can change or update it with our newly created domain as like below,
This is some important information that I have shared with you guys, I hope it will help you to resolve your Sitecore Domains-related concerns.
You can check deep dive into setting Roles and Permissions to Users based on Domains Click Here
References:
1. Sitecore Security Guide: https://doc.sitecore.com/en/developers/90/platform-administration-and-architecture/security-guide.html
2. Sitecore Security Domains: https://doc.sitecore.com/en/users/91/sitecore-experience-platform/security-domains.html
3. Sitecore Authentication Providers: https://doc.sitecore.com/en/developers/90/platform-administration-and-architecture/authentication-providers.html
4. Sitecore Authorization: https://doc.sitecore.com/en/users/91/sitecore-experience-platform/authorization.html
5. Sitecore Encryption: https://doc.sitecore.com/en/developers/90/platform-administration-and-architecture/encryption.html