Agility CMS is constantly evolving to meet or exceed industry best-practices for security. One of the benefits of our platform is that you get these updates automatically so can rest assured you have a team of dedicated professionals thinking about security so you don't have to (... as much 🤔).
Agility CMS manages how you can authenticate CMS users and how your apps can access content from the CMS APIs.
In this guide:
Authenticating CMS Users
How you authenticate with Agility CMS is critical to ensuring your instance is kept safe and secure. We also believe authentication doesn't need to be complicated or complex to be secure. With Agility CMS we make it easy to sign up or login using a variety of login providers, while also giving the enterprise more control over their users.
- Compliant, using industry best-practices - we are PCI DSS compliant so you can rest assured your passwords and personal data are safe with us
- Fewer passwords to keep track of - sign up or log in using your personal Google, GitHub, or Microsoft account
- Enterprise-ready - we support single sign-on for Azure Active Directory and more
- Enhanced protection - optionally enforce that your Organization users must use Multi-factor authentication in order to log in
Agility CMS allows you to generate API Keys that allow you to retrieve content from our APIs. These are typically created and used by developers in their websites or applications to pull content from the CMS.
- Flexible - generate as many API keys as you need, we recommend generating a new key for each developer or application that will be using them
- Revoke access easily - set an expiry date, deactivate or delete API Keys at any time
- In control - each API key can be set to only allow preview or published content only