The solution refers to Sitefinity 10+ approach described in Progress Article 000071678, Authenticate user in Sitefinity using a console application - call Sitefinity services server side
and extends it with issuing of authentication cookie. This solution builds over it.
The solution in the above KB article uses Bearer token to authenticate requests to web services, but for pages and for working with services which require certain permissions (e.g. Users service, ManageUsers permission), a cookie must be issued on top of the Bearer token.
To construct the cookie refer to the attached AuthenticateSitefinity.zip that contains the helper class (SitefinityClient.cs) to issue a cookie. In this class refer to the constants at the bottom to fill in ClientId, ClientSecret, username, password and membership provider of the site where the authentication occurs.
private const string ClientId = "testApp";
private const string ClientSecret = "secret";
private const string DefaultAdminName = "firstname.lastname@example.org";
private const string DefaultAdminPass = "password";
private const string AuthorizationHeader = "Authorization";
private const string MembershipProviderParameter = "membershipProvider";
private const string IdentityServerTokenServiceUrl = "/Sitefinity/Authenticate/OpenID/connect/token";
private const string CookieAuthPath = "/retrieveAuthCookie";
private const string MembershipProvider = "Default";
In the Main method, if executed in a console application, execute the following:
public static void Main(string args)
SitefinityClient client = new SitefinityClient();
client.RequestAuthenticate("Default", "email@example.com", "password", false, true, true);
var responseService = client.GetAsync("Sitefinity/Services/Publishing/PublishingService.svc")
var content = new
urlname = "test-library",
title = "test library"
var postrequest = client.postasync("api/default/documentlibraries", new stringcontent(json, encoding.utf8, "application/json"));
var result = postrequest.result;
Refer to the attached console application for a sample on using the SitefinityClient.cs to issue a cookie to view a protected page.