Configure Opti ID for CMS

  • Updated

To configure Opti ID for Optimizely Content Management System (CMS), you must first enable Opti ID for your CMS instance. Then you can install Opti ID locally, test code changes to your DXP environment, and deploy the code changes to DXP.

Opti ID is compatible with CMS 12 and Commerce Connect 14.

Prerequisites

Enable Opti ID for CMS

  1. Log into the Opti ID Admin Center.
  2. Go to Product Access > Products > Optimizely Content Management System.
  3. Select the CMS instance for which you want to enable Opti ID.
  4. Go to the Details tab and click Edit.
  5. Select Opti ID Enabled and click Save.
Checking Opti ID Enabled prepares your DXP environment but does not impact existing authentication on the site. You cannot undo this, so ensure you are ready to move forward. It can take up to an hour before Opti ID is fully provisioned.

Install and test Opti ID for CMS

Install the following NuGet package in your solution using the NuGet Package Manager in Visual Studio or the command line:

dotnet add package EPiServer.OptimizelyIdentity

In startup.cs in the ConfigureServices method, enable Opti ID with the following:

services.AddOptimizelyIdentity(useAsDefault: true);

Opti ID is only enabled in shell modules, preview, and edit mode by default. UseAsDefault enables Opti ID globally throughout the application. You can configure AuthenticationOptions when more control is needed over which authentication scheme is active. The namespace EPiServer.OptimizelyIdentity.OptimizelyIdentityDefaults contains constants if you must reference the scheme name while configuring.

Remove any calls to services.AddCmsAspNetIdentity<TUser>() if you are not using ASP.NET Identity.

Opti ID automatically maps the virtual roles CmsEditors and CmsAdmins. You must remove the mapping of these if you already have any.

Test

Before testing, ensure you have assigned your user to at least one of the built-in system roles for CMS. Deploy the code changes to DXP to start testing or run the application by setting up Opti ID locally.

Edit and admin user interface (UI) are accessible on /ui/cms/ after you have installed Opti ID.

Run Opti ID locally

You can use Opti ID locally on any of the following URLs:

  • https://localhost:5000
  • https://localhost:5096
  • https://localhost:6921
  • https://localhost:7595

For this to work, you also need the settings below, which you can find in DXP Management Portal (PaaS Portal) > API > Opti ID dev key. You can only use keys from the integration environment locally. These settings are provided automatically when the application is deployed to Optimizely Digital Experience Platform (DXP).

In appsettings.json, add the following to run Opti ID locally:

{
  "EPiServer": {
    "Cms": {
      "OptimizelyIdentity": {
        "InstanceId": "xxx",
        "ClientId": "xxx",
        "ClientSecret": "xxx"
      }
    }
  }
}

When you confirm Opti ID works locally, deploy the code changes to DXP.

FAQs

Can my site visitors use ASP.NET Identity or any other authentication scheme?

Yes. The Opti ID authentication scheme is enforced in protected modules, such as the edit and admin UI and add-ons. Enable any other authentication scheme and ensure Opti ID is not set as the default authentication scheme:

services.AddOptimizelyIdentity(useAsDefault: false);

Why do I get an error in Okta when testing locally?

Ensure you are using one of the allowed URLs and running your application with HTTPS enabled.

Why is the edit UI not loading and giving a 404 error?

Ensure you are accessing the CMS on the/ui/cms path.