Securing SDL Tridion Sites
SDL Tridion Sites supports a wide range of security frameworks to secure every part of its architecture.
- Supported authentication methods
SDL Tridion Sites supports various authentication methods across the product suite, including Tridion Access Management. For supported applications, you can use Access Management to configure authentication using your choice of Identity Provider (IdP) and authentication protocol.
- Tridion Access Management
Tridion Access Management (or simply Access Management) provides a single, simplified interface for managing access for both end users and application APIs.
- Content Manager security
Ensuring the security of your Content Manager environment is a broad topic that involves configuring and managing security settings for the server-side environment, secure access to the database, and the client-side access and permissions for individual applications.
- Add-ons feature security
By default, the Add-on service is installed without security, meaning that any user can perform any operation using the user interface or API. While this may be acceptable in a development environment, in a production environment, RWS strongly recommends that you restrict access to the service. The Add-on service can be accessed by users with different roles, to provide varying levels of access.
- Experience Optimization security
This section describes the Experience Optimization subsystems and services and the rights and privileges each part requires.
- Topology Manager security
By default, Topology Manager is installed without security, meaning that any user can perform any operation using the user interface or API. While this may be acceptable in a development environment, in a production environment, RWS strongly recommends that you restrict access to the service. Topology Manager can be accessed by users with different roles, to provide varying levels of access.
- Translation Manager security
By default, Translation Manager is installed without security. While this may be acceptable in a development environment, in a production environment, RWS strongly recommends that you implement security measures.
- Securing Tridion web interfaces against CSRF
Several of the web-based user interfaces in SDL Tridion Sites communicate with a server-side UI framework, including the Content Manager Explorer and Experience Manager. To guard these UIs against cross-site request forgery (CSRF), configure anti-CSRF security on the Content Manager server.
- References and links
For information on security in general, refer to the following resources.