Adobe Experience Manager Sites & More

AEM_Forum · 12/25/22

Hi all,
I see article "Authenticate to AEM Author using OKTA" at Configuring OKTA with AEM | Adobe Experience Manager
Is Authenticate to AEM Publish using OKTA and LDAP relevant?

For Author environment, all authors are employees are for corporate and so LDAP and SSO make sense.

When it comes to publish, the end users' authentication info is not in any central system.

So, LDAP and SSO may not be relevant on Publish.

Kindly comment.

Thanks,

Rama.

Monendra_Singh · 12/25/22

Hi Rama,

In my view, It is possible to use LDAP or a single sign-on (SSO) solution such as Okta to authenticate users on both the AEM Author and AEM Publish environments.

In the case of the AEM Author environment, where the users are typically employees of the organization, LDAP or SSO can be used to authenticate users against the organization's directory service or identity provider. This can simplify the process of managing user accounts and permissions, and ensure that only authorized users have access to the AEM Author environment.

In the case of the AEM Publish environment, where the users are typically external customers or clients, it may not be practical to use LDAP or SSO for authentication. Instead, it may be necessary to use other methods of authentication, such as a custom login form or an external authentication service, to authenticate users on the AEM Publish environment.

It is important to consider the specific needs and requirements of the organization when deciding how to authenticate users on the AEM Author and AEM Publish environments. The use of LDAP or SSO may not be relevant or necessary in all cases, and it may be necessary to use other methods of authentication depending on the needs of the organization and the users accessing the AEM environments.

Cheers,

Monendra

View solution in original post

Monendra_Singh · 12/25/22

Hi Rama,

In my view, It is possible to use LDAP or a single sign-on (SSO) solution such as Okta to authenticate users on both the AEM Author and AEM Publish environments.

In the case of the AEM Author environment, where the users are typically employees of the organization, LDAP or SSO can be used to authenticate users against the organization's directory service or identity provider. This can simplify the process of managing user accounts and permissions, and ensure that only authorized users have access to the AEM Author environment.

In the case of the AEM Publish environment, where the users are typically external customers or clients, it may not be practical to use LDAP or SSO for authentication. Instead, it may be necessary to use other methods of authentication, such as a custom login form or an external authentication service, to authenticate users on the AEM Publish environment.

It is important to consider the specific needs and requirements of the organization when deciding how to authenticate users on the AEM Author and AEM Publish environments. The use of LDAP or SSO may not be relevant or necessary in all cases, and it may be necessary to use other methods of authentication depending on the needs of the organization and the users accessing the AEM environments.

Cheers,

Monendra

DEBAL_DAS · 12/28/22

Hi Rama,

Completely agree with @Monendra_Singh here.

But I would like to share my personal experience here, in my project we do have multiple intranet sites and these intranet sites are accessible to client's employees only.

To eliminate security threats client wanted to have SSO on intranet sites as well.

So, we did implement SSO with PingFederate as IDP on publish instance for employees also.

One thing I can say it depends on specific needs and requirements of the organization.

Adobe Experience Manager Sites & More

LDAP and SSO Authenticate on AEM Publish

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe