Authentication and authorization

Episerver is designed to meet high standards regarding security features within a wide range of scenarios. Login security is based on the authentication and authorization system using the built-in membership and role system in ASP.NET. Episerver also supports ADFS/SSO and OWIN, as well as OpenID Connect to integrate with Azure AD.

The Episerver platform manages authentication and authorization in a distributed multi-site content management environment, with multiple users collaborating on content. 


  • Membership:
    • Authentication based on the ASP.NET framework for role, membership and profile providers
    • You can integrate providers for Active Directory and Windows, and any customized provider.
  • Federated security and OWIN (Open Web Interface for .NET):
    • Support for single sign-on and social log in.
    • Uses the ASP.NET Identity system for ASP.NET applications.


  • You can define access rights for specific content types and languages.
  • Let selected user groups edit information on specific sections of the website.
  • Apply access rights to selected visitor groups, displaying targeted content to these.
  • Define virtual roles that return access rights based on custom evaluation rules.
  • Define granular permissions for users or roles.

Find out more



Last updated: Nov 01, 2018