Let’s imagine that you need to restrict to secure your whole site, or only your Content Management instance. No anonymous access. As a Sitecore old school guy I tough about site requireLogin setting set to true and loginPage tp /sitecore/login
From old Sitecore Developer Network
It changes with Sitecore 9.1 and Identity Server . A must read article, Understanding Sitecore authentication behavior changes, says that the new format is /identity/login/{your_sxa_site_name}/SitecoreIdentityServer.
My first attempt – adding loginPage and requireLogin settings into Other Properties section in SXA Site Manager. Settings added, published – I dramatically filed. I got into some infinit loop. No able to log into Sitecore and revert my changes back. Remember SXA Site Manger Settings deployed to web.
The missing part is to configure Sitecore Identity Server to be recognized as the identity provider for your SXA site. As mentioned in the article, there are a few predefined mappings. They are defined in the “\App_Config\Sitecore\Owin.Authentication\Sitecore.Owin.Authentication.config” file.
You might create a configuration patch to either assign SitecoreIdentityServer to one of the existing mappings or create a new one, for example:
<mapEntry name="some meaningful mapping name" type="Sitecore.Owin.Authentication.Collections.IdentityProvidersPerSitesMapEntry, Sitecore.Owin.Authentication">
<sites hint="list">
<site>{your SXA site name}</site>
</sites>
<identityProviders hint="list:AddIdentityProvider">
<identityProvider ref="federatedAuthentication/identityProviders/identityProvider[@id='SitecoreIdentityServer']" id="SitecoreIdentityServer" />
</identityProviders>
</mapEntry>
In my case, I wanted to restrict access only to Content Management Server and I leverage SXA multisite feature -> Manage multiple sites with the SXA Site Manager.
I had a site definition only for my PROD CM server where I set those 2 new settings
The value for each sitecore instance can be set in Sitecore.XA.SitesToResolveAfterSxa.config file.
