Adobe Experience Manager Sites & More

SC1 · 11/22/25

I could achieve the saml login with microsoft entra id using IDP based login page.

My question is - If I want to design my own login page in AEM and do the authentication against microsoft entra id, what should be the steps?

Any working code examples will be really helpful.

muskaanchandwani · 11/22/25

Hello @SC1

For AEMaaCS :

AEM Publish is Service Provider; Entra ID is IdP.

Custom login page is just a branded AEM page.

Actual authentication still happens on Entra’s login page (for security).

- Example page: /content/your-site/en/login.html.

- Add your login component (HTL/HTML) to this page.

- Use resource = a SAML‑protected path (under the SAML handler’s path, e.g. /content/your-site/en/secure/start.html).

- Use saml_request_path = final page after successful login.

- /system/sling/login => Sling picks SAML handler (because resource is protected).

- AEM generates SAML AuthnRequest → redirects to Entra.

- User logs in on Entra => SAMLResponse posted to /saml_login.

- AEM validates, creates/updates user, sets login-token cookie.

- AEM redirects to saml_request_path (your chosen “post-login” page).SAML 2.0 on AEM as a Cloud Service

SC1 · 11/22/25

I need the user to enter login credentials in the AEM login page instead of IDP login page.

Then with those credentials validate against my saml IDP.

Is there some guidance around it?

Aem Login form to authenticate against microsoft entra id