Capability

Security

検索バー

Liferay DXP is built with security in mind. A variety of standards based authentication methods and integrations can be used to ensure secure access to a site and its resources. Robust role-based access control with permissions gives you fine grained control over what authenticated and unauthenticated users can access, share, or edit. Liferay DXP’s web services also have a multi-layered and configurable approach to security and authorization.

Feature
Deployment Approach
Workflow Definition Link API Basics
Official Documentation
Workflow Definition Link API Basics Liferay DXP 2025.Q1+/Portal GA132+ You can manage workflow definition links from the Liferay UI or using Liferay's REST APIs. In Liferay, the Control Panel →...
Configuring the JWT Bearer Flow
Official Documentation
Configuring the JWT Bearer Flow To use JWT Bearer as a grant type in Liferay, you must create an OAuth 2 client with the Client Authentication Method set to Client Secret Basic or Post. The client...
JSON Web Tokens (JWTs)
Official Documentation
JSON Web Tokens (JWTs) JSON Web Tokens (JWTs) represent encoded data. They are compact, self-contained, and secure. There are two primary types of JSON Web Tokens: Encrypted JWT: ensures the...
Issuing JWT Access Tokens
Official Documentation
Issuing JWT Access Tokens Liferay DXP 7.4 U45+/GA45+ You can configure Liferay to issue access tokens in the JWT format from System Settings. Enabling JWT Tokens Open the Global Menu...
JSON Web Token Assertions
Official Documentation
JSON Web Token Assertions An assertion helps in sharing identity and security information across different domains. There are two uses for assertions: Authorization grants Client authentication...
Liferay DXP 2025.Q1 Breaking Changes
Official Documentation
Liferay DXP 2025.Q1 Breaking Changes Breaking changes break or significantly alter existing functionality or code structure. Here are all of the breaking changes for Liferay DXP 2025.Q1. As the...
Tracking Events in Third Party Websites
Official Documentation
Tracking Events in Third Party Websites You can use Analytics Cloud to track events for analysis on websites not built on Liferay DXP by adding JavaScript code to the and of your HTML pages: ...
2023.Q4 Default Setting and Feature Flag Changes
Official Documentation
2023.Q4 Default Setting and Feature Flag Changes Most new versions of Liferay DXP include changes to the default settings. If you rely on the defaults from your old version, you should review the...
2024.Q1 Default Setting and Feature Flag Changes
Official Documentation
2024.Q1 Default Setting and Feature Flag Changes Most new versions of Liferay DXP include changes to the default settings. If you rely on the defaults from your old version, you should review the...
2024.Q3 Default Setting and Feature Flag Changes
Official Documentation
2024.Q3 Default Setting and Feature Flag Changes Most new versions of Liferay DXP include changes to the default settings. If you rely on the defaults from your old version, you should review the...
Using Private Key JWT (JSON Web Token)
Official Documentation
Using Private Key JWT (JSON Web Token) Liferay supports private key JWT as an authentication method for OAuth 2 clients. In this flow, the client itself creates the assertion. Liferay authenticates...
2024.Q2 Default Setting and Feature Flag Changes
Official Documentation
2024.Q2 Default Setting and Feature Flag Changes Most new versions of Liferay DXP include changes to the default settings. If you rely on the defaults from your old version, you should review the...
2024.Q4 Default Setting and Feature Flag Changes
Official Documentation
2024.Q4 Default Setting and Feature Flag Changes Most new versions of Liferay DXP include changes to the default settings. If you rely on the defaults from your old version, you should review the...
2025.Q1 Default Setting and Feature Flag Changes
Official Documentation
2025.Q1 Default Setting and Feature Flag Changes Most new versions of Liferay DXP include changes to the default settings. If you rely on the defaults from your old version, you should review the...
Best Practices for Managing Publications
Official Documentation
Best Practices for Managing Publications Efficient publication workflows in Liferay help improve collaboration, reduce errors, and streamline content delivery. Follow these best practices to...
Configuring Authentication Types
Official Documentation
Configuring Authentication Types Users can be configured to log in using one of three authentication types: Authentication TypeDescriptionUsed by Default? Screen NameDetermined by administrator or...
Securing Sign-In
Official Documentation
Securing Sign-In The Sign-In widget calls the various mechanisms (the portal database, an LDAP server, a SAML identity provider, or any of the ways users can authenticate) that authenticate users....
Adding Icons to Navigation Menu Elements
Official Documentation
Adding Icons to Navigation Menu Elements Liferay DXP 2025.Q2+ Use icons to make navigation menus easier to scan and more visually engaging. They provide quick visual cues that help users recognize...
Connecting Liferay DXP to Marketplace
Official Documentation
Connecting Liferay DXP to Marketplace Liferay DXP 2025.Q1+/GA132+ You can connect Liferay DXP to Marketplace in Instance Settings. With this integration, you can add supported apps from the...
Adding Marketplace Fragments to Pages
Official Documentation
Adding Marketplace Fragments to Pages Liferay DXP 2025.Q3+ Liferay Marketplace offers a range of apps and fragments that integrate seamlessly into the Page Editor. Access, configure, and use these...