Authentication is the process of verifying a user's identity. When you host your Site on CloudCannon, you can enable an authentication method to control who is allowed to see the live content of your website.
CloudCannon supports three authentication methods: password authentication, user account authentication, and SAML authentication.
- Password Authentication — Users must enter a Site password you configure to see your content.
- User Account Authentication — If you have invited a user to your Site, they must enter their email address and personal password to see your content.
- SAML Authentication — Users must log in through a third-party application (e.g., Google, OneLogin, etc.) to see your content.
You must host your Site on CloudCannon to use any of these authentication methods.
You can update the authentication method for your site on the Authentication page under Site Settings.
Why enable authentication?#
Authentication works well for Sites where you want to segregate what content your visitors have access to.
For example, if your Site is for internal company use only, you may want users to log in before they can see your website's content. Or, if your Site has a "Member's Only" section but still maintains public pages, you can authenticate a user's identity to access that section.
By default, CloudCannon's authentication methods affect every page on your Site. However, you can require authentication for a specific subset of pages using authenticated routes or by hosting your Site on a subpath.
Machine users#
In some cases, you may want a trusted third-party application to access your Site. This could be a machine user or script that uses resources from your Site to accomplish a task. Machine users can bypass authentication by providing the correct bearer token when they request your webpage.