Expand my Community achievements bar.

Submissions are now open for the 2026 Adobe Experience Maker Awards.
Apply Now
SOLVED

How does a Non-interactive Service account login to an SSO enabled AEM instance

Avatar

Level 2
Level 2
1/22/25 8:22:42 PM

Hello, 
We have AEM 6.5 running on a AWS EC2. The instance is SSO Authentication enabled with inbuilt SAML Authentication handler configuration with Azure AD as IDP. Now, how can I make a Non-Interactive Service account (MS) to be able to login to AEM Author instance for accessing an API.

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

APIs Experience Manager

Views

558

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
1/23/25 3:17:22 AM
In response to PrasanthAnandharaj

Hi @PrasanthAnandharaj , in that case you have to create a non-interactive-user profile in your AD, sync to AEM.

 

From your application,  hit idp authentication endpoint with non-interactive user creds, get authentication,  use same token to hit AEM

 

Or otherwise please explore service credentials in aem. It can be made via JWT tokens

https://experienceleague.adobe.com/en/docs/experience-manager-learn/cloud-service/forms/forms-cs-ass...

 

Or otherwise is to use oauth authentication.

 

https://aemcorner.com/adobe-granite-oauth-authentication-handler/

View solution in original post

Views

509

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Community Advisor
Community Advisor
1/22/25 8:28:38 PM

@PrasanthAnandharaj depends on your security policy level but simple is you can create a local user with password in your aem instance and use basic authentication header while making api request to aem for authentication and authorization 

Views

553

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
1/22/25 9:59:43 PM
In response to Shashi_Mulugu

Hi noted and thanks for the suggestion. We are trying to avoid having local profiles to align with org standards.Any suggestions in that case ?

 

Views

527

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
1/23/25 3:17:22 AM
In response to PrasanthAnandharaj

Hi @PrasanthAnandharaj , in that case you have to create a non-interactive-user profile in your AD, sync to AEM.

 

From your application,  hit idp authentication endpoint with non-interactive user creds, get authentication,  use same token to hit AEM

 

Or otherwise please explore service credentials in aem. It can be made via JWT tokens

https://experienceleague.adobe.com/en/docs/experience-manager-learn/cloud-service/forms/forms-cs-ass...

 

Or otherwise is to use oauth authentication.

 

https://aemcorner.com/adobe-granite-oauth-authentication-handler/

Views

510

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
AEM Cloud Service: Runtime Exclusion of External Links from Link Checker Solved

Views

134

Likes

0

Replies

2
Local AEM Error - HTTP ERROR 500 Server Error Solved

Views

830

Likes

0

Replies

4
XF Field throws an error while giving auto suggestions Solved

Views

328

Likes

0

Replies

3
Can't download service pack

Views

215

Likes

0

Replies

2
How to Apply a Policy to a Video Component Inside a Core Carousel (Panel Container) in Editable Templates?

Views

1.3K

Likes

0

Replies

3