Skip to main content
Version: 2026.1

Security and Authentication

Pimcore integrates with the Symfony Security Component for authentication and authorization. Pimcore Studio uses its own security firewall; configure separate firewalls for any frontend authentication requirements.

Login Example

The demo-enterprise repository (branch: 2026.x) provides a full login implementation with form-based authentication, CSRF protection, remember-me support, CMF CustomerObjectUserProvider, and e-commerce cart migration on login.

Key files:

info

The demo-enterprise repository is private and requires an enterprise license. The simplified authentication guide below covers the same concepts with a publicly accessible, minimal example.

Simplified Guide

For basic setups without CMF or e-commerce, follow the step-by-step guide at Authenticate Against Pimcore Objects. It covers user providers, password hashing with PasswordFieldHasher, and firewall configuration using Pimcore data objects.

Further Reading