Azure AD Single Sign On Issue - User ID is incorrect

koichik40102685
Level 1

I tried to integrate AEM with Azure AD and configure Single Sign On -

https://docs.microsoft.com/en-US/azure/active-directory/saas-apps/adobeexperiencemanager-tutorial

https://helpx.adobe.com/experience-manager/6-4/sites/administering/using/saml-2-0-authenticationhand...

In "Adobe Granite SAML 2.0 Authentication Handler" settings, I checked "Autocreate CRX Users".

I added a user to Azure AD and tested that the user could sign in to AEM.

The user was signed in successfully and an AEM user was automatically created, but the user ID was encrypted...

uX6J0/N2Q0eoGR5wSdFQrM89ZbqaO6dHamh8SD/S8dM=

I opened another browser and tested the same user; then another user was created in AEM.

I confirmed the SAML response data with the Firefox SAML Tracer add-on, and it seemed to be returned normally.

The mail address, UPN data and so on were contained in SAML format.

But when I configured a logger for SAML in AEM, the following message was written to the SAML log:

19.09.2018 17:30:06.797 *DEBUG* [qtp2142656484-3363] com.adobe.granite.auth.saml.SamlAuthenticationHandler Private key of SP not provided: Cannot sign Authn request.

Please point out what I missed (SAML 2.0 Authentication Handler? Certificate or Trust Store? Or any other settings?)

Best regards

Koichi

1 Reply
smacdonald2008
Level 10

We have this community-based end-to-end article that talks about AEM and SAML that may help - Integrating SAML with Adobe Experience Manager