Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Improve security protocol beyond Basic Authentication

Avatar

Avatar
Boost 1
Level 1
jvctnt
Level 1

Like

1 like

Total Posts

2 posts

Correct reply

0 solutions
Top badges earned
Boost 1
Shape 1
View profile

Avatar
Boost 1
Level 1
jvctnt
Level 1

Like

1 like

Total Posts

2 posts

Correct reply

0 solutions
Top badges earned
Boost 1
Shape 1
View profile
jvctnt
Level 1

09-03-2021

Request for Feature Enhancement (RFE) Summary: AEM really only supports Basic Authentication, and many commands in the cURL API also use Basic Authentication. The superuser 'admin' account also uses Basic Authentication. It seems overdue that AEM support more secure protocols, even if it's just two-factor.
Use-case: cURL API and superuser functions primarily
Current/Experienced Behavior: Basic Authentication rules the day
Improved/Expected Behavior: Use at least two-factor, but preferably key/certificate base authentication.
Environment Details (AEM version/service pack, any other specifics if applicable): 6.5 SP2
Customer-name/Organization name: USAA
Screenshot (if applicable):  
Code package (if applicable):  
4 Comments

Avatar

Avatar
Coach
Employee
Jörg_Hoh
Employee

Likes

1,308 likes

Total Posts

3,288 posts

Correct reply

1,118 solutions
Top badges earned
Coach
Give back 600
Ignite 5
Ignite 3
Ignite 1
View profile

Avatar
Coach
Employee
Jörg_Hoh
Employee

Likes

1,308 likes

Total Posts

3,288 posts

Correct reply

1,118 solutions
Top badges earned
Coach
Give back 600
Ignite 5
Ignite 3
Ignite 1
View profile
Jörg_Hoh
Employee

11-03-2021

AEM is not an Identity Management system, but you can configure it to rely on such a system, e.g. using SAML. There are dedicated systems, which can do that much better than AEM.

Avatar

Avatar
Give Back 200
Employee
hamidk92094312
Employee

Likes

106 likes

Total Posts

240 posts

Correct reply

38 solutions
Top badges earned
Give Back 200
Give Back 100
Contributor
Shape 1
Ignite 1
View profile

Avatar
Give Back 200
Employee
hamidk92094312
Employee

Likes

106 likes

Total Posts

240 posts

Correct reply

38 solutions
Top badges earned
Give Back 200
Give Back 100
Contributor
Shape 1
Ignite 1
View profile
hamidk92094312
Employee

28-03-2021

Hi @jvctnt 

You can also create an Adobe Experience Manager OSGi bundle that uses Sling authentication APIs to create a bundle that supports two factor authentication.

 

https://helpx.adobe.com/experience-manager/using/twofactor64.html

 

Status changed to: Needs Info

Avatar

Avatar
Give Back 200
Employee
hamidk92094312
Employee

Likes

106 likes

Total Posts

240 posts

Correct reply

38 solutions
Top badges earned
Give Back 200
Give Back 100
Contributor
Shape 1
Ignite 1
View profile

Avatar
Give Back 200
Employee
hamidk92094312
Employee

Likes

106 likes

Total Posts

240 posts

Correct reply

38 solutions
Top badges earned
Give Back 200
Give Back 100
Contributor
Shape 1
Ignite 1
View profile
hamidk92094312
Employee

31-03-2021

Hi @jvctnt 

The similar feature has been provided in AEM cloud services and now supports token based authentication:
https://experienceleague.adobe.com/docs/experience-manager-learn/getting-started-with-aem-headless/a...

Status changed to: Needs Info

Avatar

Avatar
Establish
Community Manager
kautuk_sahni
Community Manager

Likes

1,358 likes

Total Posts

6,854 posts

Correct reply

1,150 solutions
Top badges earned
Establish
Coach
Originator
Contributor 2
Contributor
View profile

Avatar
Establish
Community Manager
kautuk_sahni
Community Manager

Likes

1,358 likes

Total Posts

6,854 posts

Correct reply

1,150 solutions
Top badges earned
Establish
Coach
Originator
Contributor 2
Contributor
View profile
kautuk_sahni
Community Manager

31-03-2021