Hi Team,
We have recently implemented SAML SSO using Azure IDP in AEM 6.5.
Few best practices we would like to understand:
1) How to manage permissions in AEM for Groups/user created in IDP ?
2) Shall we create a new local AEM group A and make IDP group B part of it, assign appropriate permission to A.?
3) Other Suggestions if any.
4) After SAML Implementation, are we supposed to work with our admin user which is in local, not part of IDP OR we only should work with IDP groups/users. In second case, Shall we create a new Admin group in IDP?
Regards,
KTNR