Authentication helps you confirm the identity of users requesting access to your Web sites. IIS supports both challenge-based and login redirection-based authentication methods. Challenge-based authentication methods require clients to respond correctly to a server-initiated challenge. Login redirection-based authentication methods rely on redirection to a login page to determine the identity of the user. You cannot use both authentication methods at the same time. IIS also supports client certificate authentication, which requires configuring Secure Sockets Layer (SSL) for the site.


Only Anonymous authentication is installed by default. If you want to authenticate clients with IIS, you must install the authentication features you want to use.

  Step Reference
Check box

Read an overview of how to set up an authentication strategy.

Overview of IIS Authentication Features.

Check box

Install different types of authentication using the Add Role Services Wizard from Server Manager.

Installing IIS 7

Check box

Use IIS 7 to configure authentication.

Configure authentication

See Also