Confirm the identity of users requesting access to a Web site

Applies To: Windows Server 2008 R2

Authentication helps you confirm the identity of users requesting access to your Web sites. IIS supports both challenge-based and login redirection-based authentication methods. Challenge-based authentication methods require clients to respond correctly to a server-initiated challenge. Login redirection-based authentication methods rely on redirection to a login page to determine the identity of the user. You cannot use both authentication methods at the same time. IIS also supports client certificate authentication, which requires configuring Secure Sockets Layer (SSL) for the site.


Only Anonymous authentication is installed by default. If you want to authenticate clients with IIS, you must install the authentication features you want to use.

  Step Reference

Read an overview of how to set up an authentication strategy.

Overview of IIS Authentication Features.

Install different types of authentication using the Add Role Services Wizard from Server Manager.

Installing IIS 7

Use IIS 7 to configure authentication.

Configure authentication

See Also

Other Resources

Web Server on Tech Center (online)