Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

AEM6.3.3 + OKTA Integration


Level 4

Hi Team,

I am facing issue with multiple SAML configuration for our project with one IDP certificate.

I follow the steps mentioned in the link below but no Luck.

Multiple SAML configurations

On successful authentication , it redirects to http:localhost/saml_login instead of the path configured in the Assertion Consumer URL i.e. http:localhost/content/abc/saml_login

What can be the issue or is there any configuration which needs to be done to handle multiple domain with multiple SAML configuration ?

Thanks in advance

3 Replies


Employee Advisor

You need to configure the same Assertion Consumer URL on the OKTA side. Sometimes it's labeled as destination URL. Assertion URL in AEM should match with what's set on the OKTA.


Level 4

Hi Jaideep,

Thank you for sharing more insight.

Yes I already put the Assertion Consumer URL on the OKTA side but still it redirect to default saml_login.

Do you see anything things which needs to be looked upon. ?

Thank you


Employee Advisor

Can you check if path property is set as per the ACS:

If path: / then ACS should be <SP>/saml_login

If the path: /content then ACS should be <SP>/content/saml_login

Check [1] for more details



Level 4


Thank you for sharing such a nice document.

I followed all the steps still No Luck.

Actually while giving the path "/content/abc" and putting the Assertion URL path as "http://localhost:4503/content/abc/saml_login" in SAML configuration. When I hit the path localhost:4503/content/abc.html it never redirects to IDP URL instead it render the content page.

Do you have any context why path with /content/abc not working and redirecting it to OKTA page for authentication. ?



Employee Advisor

Reading the description, it looks like the page "/content/abc.html" does not require authentication. SAML will only be triggered on the pages which anonymous does not have access to.

Also, check if you have excluded "/content/abc.html" from the authentication requirement.

[1] http://<host>:<port>/system/console/configMgr/