
SOLVED

Azure AD SSO - localhost AEM author


Level 2

I'm trying to enable Azure AD SSO for my localhost AEM author instance. I have done the configurations required in Azure AD and AEM configMgr by following this link https://blog.developer.adobe.com/saml-authentication-in-aem-using-microsoft-azure-active-directory-3... as it was pretty clear.

Now, if I hit the localhost URL it redirects me to the AD login where I'm providing the creds, and it redirects to a Microsoft error page stating that Application with identifier 'https://sts.windows.net/55cd5c28-82df-4629-95bf-a15124af3656/' was not found in the directory 'Default Directory'.

The user created in the AD is not getting imported/synced with my localhost author instance; is that expected? Also, the Azure sign-in logs say the authentication is successful from the AEM instance.

I have provided the screenshots below; can someone please let me know what the faulty config is?

 

@srikrishnank190 @Albin_Issac 

[Four screenshots of the Azure AD and AEM configuration were attached here.]

Regards,

Vijay

1 Accepted Solution

Correct answer by a Level 4 member

Hi Vijay,

It looks like there is an issue with the configuration of the Azure AD application that you created. The error message you provided indicates that the application with the specified identifier was not found in the default directory.

Here are a few things you can try to troubleshoot this issue:

  1. Double-check the configuration of the Azure AD application to ensure that all the required information is correct. Make sure that the application identifier and the redirect URI match the ones you have configured in AEM.

  2. Check the Azure AD sign-in logs to see if there are any other error messages that may help identify the issue.

  3. Make sure that the user account you are using to sign in to Azure AD is a member of the Azure AD application.

  4. If you are using a federated authentication setup, make sure that the federation service is properly configured and reachable from your AEM instance.

In addition to that, you can use the SAML-tracer extension to debug the calls; you might be able to capture a few more details that might help.
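As an added example, not code from the original thread, Adobe or AEM: a small Python script that decodes the SAMLRequest AEM sends to Azure AD (the redirect URL you would capture with SAML-tracer) and compares its Issuer and AssertionConsumerServiceURL against the Azure AD app's Identifier (Entity ID) and Reply URL, which is the comparison step 1 above asks for. The tenant ID, entity ID and ACS URL are placeholders/assumptions, and the sample request carrying the tenant's own sts.windows.net issuer is constructed to mimic the identifier quoted in the error message.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, quote, urlparse

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed values: replace with your tenant ID and the Identifier (Entity ID)
# and Reply URL configured on your Azure AD enterprise application.
TENANT = "TENANT-ID-PLACEHOLDER"
IDP_ISSUER = f"https://sts.windows.net/{TENANT}/"
DESTINATION = f"https://login.microsoftonline.com/{TENANT}/saml2"
EXPECTED_ENTITY_ID = "http://localhost:4502/"            # assumed SP entity ID
EXPECTED_ACS = "http://localhost:4502/saml_login"        # AEM's SAML ACS path

def decode_saml_request(redirect_url):
    """Inflate the SAMLRequest of an HTTP-Redirect binding URL into an XML element."""
    qs = parse_qs(urlparse(redirect_url).query)
    raw = base64.b64decode(qs["SAMLRequest"][0])
    return ET.fromstring(zlib.decompress(raw, -15))  # raw DEFLATE, no zlib header

def check_authn_request(redirect_url, expected_entity_id=EXPECTED_ENTITY_ID,
                        expected_acs=EXPECTED_ACS, idp_issuer=IDP_ISSUER):
    """Return a list of mismatches between what AEM sent and what Azure AD expects."""
    root = decode_saml_request(redirect_url)
    issuer = root.findtext("saml:Issuer", default="", namespaces=NS).strip()
    acs = root.get("AssertionConsumerServiceURL", "")
    problems = []
    if issuer == idp_issuer:
        # Azure AD looks the SP application up by this Issuer; sending the IdP's own
        # issuer URL yields an "Application with identifier ... was not found" error.
        problems.append("Issuer is the IdP's issuer URL, not the SP entity ID")
    elif issuer != expected_entity_id:
        problems.append(f"Issuer {issuer!r} != app Identifier {expected_entity_id!r}")
    if acs != expected_acs:
        problems.append(f"ACS URL {acs!r} != app Reply URL {expected_acs!r}")
    return problems

def build_redirect_url(issuer, acs=EXPECTED_ACS, destination=DESTINATION):
    """Build a constructed redirect URL standing in for one captured with SAML-tracer."""
    xml = (f'<samlp:AuthnRequest xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}" '
           f'ID="_1" Version="2.0" IssueInstant="2022-12-25T00:00:00Z" '
           f'Destination="{destination}" AssertionConsumerServiceURL="{acs}">'
           f"<saml:Issuer>{issuer}</saml:Issuer></samlp:AuthnRequest>")
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    deflated = comp.compress(xml.encode()) + comp.flush()
    return f"{destination}?SAMLRequest={quote(base64.b64encode(deflated).decode(), safe='')}"
```

Run `check_authn_request(<captured redirect URL>)` on the URL SAML-tracer shows for the first hop to login.microsoftonline.com; an empty list means the Issuer and ACS match the app registration.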

