Synx security

Encryption & Dynamics access

Synx is the middleware providing the bridge between Sitefinity and MS Dynamics. For Sitefinity to access MS Dynamics, Synx requires an admin username and password from Dynamics to connect and access data. Synx stores these credentials as an encrypted string within the Sitefinity database to maximise on security and not in file system.

The encryption and decryption are handled by the Synx assemblies which provide an additional level of security. Synx assemblies cannot be reverse engineered as these are not accessible.

Data Permissions for user

Synx creates a table that contains mappings between a Sitefinity user and Dynamics Contact entity. Information can only be accessed in Dynamics based on those relationships. Our framework allows for Dynamics to control what a user can or cannot access data wise.

In addition, Synx utilises Sitefinity roles and security processes. Fundamentally, these roles control which pages in the web portal the user can access. Data displayed on those pages are under the control of the portal administrator or web developer. This makes Synx as secure as Sitefinity.

Dynamics Plugin

Synx comes with an optional plugin for Dynamics. This plugin enables Dynamics to control Contacts login credentials into the CMS as well as assign Sitefinity Role directly from Dynamics. Dynamics pushes this information back to Sitefinity membership provider allowing for instant user access to the Portal.

This method has been designed so if the connection between Sitefinity Portal and Dynamics is broken, users are still able to access the Portal, providing an improved security architecture. This plugin only creates 1 new entity in Dynamics called “new_synx_role” to allow the mapping of roles to contact users.

Help us improve our documentation!  Is there an issue with this page?