Search Results

All Results 51
Sort By
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
Integrate Okta with Liferay DXP using OpenID Connect
How To
Introduction This recipe guides you through the steps to integrate Okta, your Identity Provider (IdP), with your Liferay environment using OpenID Connect. Prerequisites Okta Dev account Liferay DXP environment Administrative...
Captcha API Basics
Official Documentation
Captcha API Basics Liferay provides a headless API to retrieve and submit captchas using the SimpleCAPTCHA engine. Using the /captcha endpoint from the API Explorer, you can add captchas in your...
SCIM Resource Type, Service Provider, and Schema Basics
Official Documentation
SCIM Resource Type, Service Provider, and Schema Basics Liferay DXP 2025.Q2+ Liferay provides a headless API to query the SCIM resource types, service providers, and schemas available. Use the...
SCIM User API Basics
Official Documentation
SCIM User API Basics Liferay DXP 2024.Q1+/Portal GA112+ Liferay provides a headless API to perform CRUD operations on SCIM users to keep their identity information in sync with your company's...
SCIM Group API Basics
Official Documentation
SCIM Group API Basics Liferay DXP 2024.Q1+/Portal GA112+ Liferay provides a headless API to perform CRUD operations on SCIM groups to keep their information in sync with your company's...
Using OAuth 2.0
Official Documentation
Using OAuth 2.0 OAuth 2.0 is an industry-standard authorization protocol. Users with accounts on a Liferay-based website can share select credentials with various clients seamlessly. OAuth 2.0...
Client Secret JWT
Official Documentation
Client Secret JWT Liferay supports client secret JWT as an authentication method for OAuth 2 clients. In this flow, the client itself creates the assertion and signs it using the client secret....
Using Private Key JWT (JSON Web Token)
Official Documentation
Using Private Key JWT (JSON Web Token) Liferay supports private key JWT as an authentication method for OAuth 2 clients. In this flow, the client itself creates the assertion. Liferay authenticates...
Authorizing Account Access with OAuth2
Official Documentation
Authorizing Account Access with OAuth2 Once you have an application registered, you can start authorizing users. To do that, you must construct the URL to the authorization server (Liferay DXP)....
Issuing JWT Access Tokens
Official Documentation
Issuing JWT Access Tokens Liferay DXP 7.4 U45+/GA45+ You can configure Liferay to issue access tokens in the JWT format from System Settings. Enabling JWT Tokens Open the Global Menu...
OAuth 2 Scopes
Official Documentation
OAuth 2 Scopes In OAuth 2.0, applications are granted access to limited subsets of user data. These are called scopes (not to be confused with Liferay scopes). You can create them in two ways: ...
JSON Web Tokens (JWTs)
Official Documentation
JSON Web Tokens (JWTs) JSON Web Tokens (JWTs) represent encoded data. They are compact, self-contained, and secure. There are two primary types of JSON Web Tokens: Encrypted JWT: ensures the...
JSON Web Token Assertions
Official Documentation
JSON Web Token Assertions An assertion helps in sharing identity and security information across different domains. There are two uses for assertions: Authorization grants Client authentication...
Creating an OAuth2 Application
Official Documentation
Creating an OAuth2 Application When you have an application that can use OAuth 2.0 for authorization, you must register that application so Liferay can recognize it. Open the Global Menu...
Configuring the JWT Bearer Flow
Official Documentation
Configuring the JWT Bearer Flow The JWT Bearer flow trades a signed JWT from an external token service in exchange for an access token from Liferay. To use this flow, create an OAuth 2 client and...
Using OAuth2 to Authorize Users
Official Documentation
Using OAuth2 to Authorize Users You can create applications that access Liferay's headless REST APIs using the OAuth 2.0 authorization protocol. The provided sample React app demonstrates three...
Security and Administration
Official Documentation
Security and Administration After installation comes configuration. There are three areas you should examine carefully before opening your system to users: Security Administration Settings ...
Audit Framework
Official Documentation
Audit Framework Liferay's audit framework shows activities relating to users, user groups, organizations, roles, multi-factor authentication, and objects (definitions, fields, actions, layouts,...
Audit Configuration Reference
Official Documentation
Audit Configuration Reference Configuration settings for audits are available at a system scope. You can find these settings by opening the Global Menu (Global Menu) and navigating to Control Panel...
Searching and Exporting Audit Events
Official Documentation
Searching and Exporting Audit Events The audit application comes with simple and advanced searching capabilities. To use the simple search, you can enter a search term and click the magnifying...
User Authentication
Official Documentation
User Authentication The User Authentication settings define how Users can authenticate, the various authentication methods that are required for them, and the screen names and email addresses that...
Securing Sign-In
Official Documentation
Securing Sign-In The Sign-In widget calls the various mechanisms (the portal database, an LDAP server, a SAML identity provider, or any of the ways users can authenticate) that authenticate users....
Authenticating with Kerberos
Official Documentation
Authenticating with Kerberos You can use Kerberos to authenticate Microsoft Windows™ accounts with Liferay DXP. This is done by using a combination of Liferay DXP's LDAP support and a web server...
Securing Liferay
Official Documentation
Securing Liferay Liferay is built with security in mind. This includes mitigation of common security vulnerabilities and exploits like those described by the OWASP Top 10 and the CWE/SANS Top 25. ...
Configuring Authentication Types
Official Documentation
Configuring Authentication Types Users can be configured to log in using one of three authentication types: Authentication TypeDescriptionUsed by Default? Screen NameDetermined by administrator or...
Authenticating with CAS (Central Authentication Service)
Official Documentation
Authenticating with CAS (Central Authentication Service) CAS was deprecated as of Liferay DXP 7.2 and removed as of Liferay DXP 7.4. Please use SAML instead. CAS is a widely used open source...
Configuring Password Encryption Algorithms and Stored Password Formats
Official Documentation
Configuring Password Encryption Algorithms and Stored Password Formats Liferay encrypts passwords using an algorithm that aligns with the recommendations from the OWASP Password Storage Cheat...
Configuring Sign-In
Official Documentation
Configuring Sign-In By default, Liferay DXP uses the Sign In widget to authenticate users. The Sign In widget appears on the default home page at http[s]://[server-name:port]/web/guest/home. If...
Configuring Single Sign-On
Official Documentation
Configuring Single Sign-On Liferay Portal/DXP supports many ways of authenticating, from token-based solutions to standards such as OpenID Connect and SAML. With all the available options, you...
Authenticating with SAML
Official Documentation
Authenticating with SAML The SAML (Security Assertion Markup Language) adapter provides Single Sign On (SSO) and Single Log Off (SLO) in your deployment. SAML works by using Identity Providers...
Configuring SAML at the Instance Level
Official Documentation
Configuring SAML at the Instance Level Each portal instance can be a SAML provider, either an Identity Provider (IdP) or a Service Provider (SP). Whichever role your DXP instance fills, you can...
Configuring SAML at the System Level
Official Documentation
Configuring SAML at the System Level Before allowing any portal instances to enable SAML authentication, you should configure it at the system level so those instances have a foundation from which...
SAML Admin
Official Documentation
SAML Admin The SAML Admin panel is the best place to configure your SAML instance. Use it instead of Instance Settings to streamline your SAML administration experience. Starting from Liferay...
Using OpenAM
Official Documentation
Using OpenAM Deprecated in Liferay DXP 2024.Q4/Portal GA129 OpenAM 13 is deprecated as of Liferay DXP 2024.Q4/Portal GA129. OpenAM 12 and below were deprecated as of Liferay DXP 7.2. Versions of...
Importing User Groups' Memberships from an External IdP through SAML
Official Documentation
Importing User Groups' Memberships from an External IdP through SAML This feature was released behind a dev feature flag. It was made Generally Available (GA) in Liferay DXP 2024.Q2/Portal GA120....
Configuring Liferay Authentication With Auth0 Using OpenId Connect
Official Documentation
Configuring Liferay Authentication With Auth0 Using OpenId Connect This tutorial guides you through integrating Auth0, your Identity Provider (IdP), with your Liferay environment using OpenID...
Configuring Liferay Authentication With PingOne Using SAML
Official Documentation
Configuring Liferay Authentication With PingOne Using SAML This tutorial guides you through the basic steps needed to integrate PingOne, your Identity Provider (IdP), with your Liferay environment...
Multi-Factor Authentication
Official Documentation
Multi-Factor Authentication Liferay DXP 7.3+ Multi-Factor Authentication (MFA) provides better security by requiring users to prove their identity in multiple ways, or factors. The basic user...
Multi-Factor Authentication Checkers
Official Documentation
Multi-Factor Authentication Checkers Liferay DXP 7.4 ships with two additional factor checkers for Multi-Factor Authentication. Both of them are disabled by default, because they're only useful in...
Fast IDentity Online 2
Official Documentation
Fast IDentity Online 2 Available: Liferay DXP/Portal 7.4+ The Fast IDentity Online 2 or FIDO2 standard allows for the use of biometrics (i.e., fingerprint readers), mobile devices, or other...