Expand my Community achievements bar.

Enhance your AEM Assets & Boost Your Development: [AEM Gems | June 19, 2024] Improving the Developer Experience with New APIs and Events

Okta Integration with AEM 6.3 Logout not working

Avatar

Level 2

I am using Okta SSO in my current project on AEM 6.3. Defined the path /siteadmin in SAML authentication handler osgi configuration. I am able to login to my application successfully but when I Signout it is navigating to AEM login screen. But it has to be Okta login url. I have configured Handle Logut and gave the url also still its not working. Please help me on this.smacdonald2008

9 Replies

Avatar

Employee

Can you provide the saml config or let me know if logout handler is checked and logout url is for saml annd /sling/logout.html?

maybe collect a HAR trace and send it to me for review

Avatar

Level 2

Hi Kunwar,

Please find the attachement, the osgi configratuions I did for SAML in AEMAdobe Experience Manager Web Console   Configuration.png

Avatar

Employee

Is it an IDP initiated flow ? /siteadmin for the path parameter for the SAML config instance suggests that.  If it is, this is expected as the logout would redirect you to system/sling/logout amd then drop the credentials

Avatar

Level 2

Kunwar​,  our use case is to give authentication for the content-authors so we are giving it on /siteadmin. and all the parameters mentioned in the osgi screenshot we got from IDP. But for logout path I gave slo this didnt come by IDP. I have a doubt here, do we have to configure the logout url also while creating the application in Okta ?

Avatar

Employee

no this should be a shot in the wild. Your Okta team can provide the corrrect SLO (SAML logOut) URL you need put in the config.

(1) depicts what a SAML configs looks like along with SLO url

(1) :  Demonstration of AEM and SAML integration

Avatar

Level 2

Kunwar​, I only created the okta applicatoin, Please find the attached image, if I miss any configurations as part of the application creation..

Cargill  Inc.  qa    Preview   Applications.png

Avatar

Employee

config looks good to me and assume the SLO url was used in the saml config. Apart from that not sure, what could be it.

If you aren't able to figure out, Raise the concern with Support and someone can look at it dedicatedly on this.

Avatar

Level 2

smacdonald2008​,  could you please provide your inputs on this ?

Avatar

Level 4

Hi nagalaxmit28016166

We are facing the same issue while configuring OKTA with AEM 6.3. Could you please let us know how did you resolve this issue , what was the logout url that you used ?