Expand my Community achievements bar.

Enhance your AEM Assets & Boost Your Development: [AEM Gems | June 19, 2024] Improving the Developer Experience with New APIs and Events
SOLVED

Okta SAML integration with dispatcher

Avatar

Level 3

Hi guys,

We have very successfully integrated Okta as our IDM platform into our non-production publish instance (developed and tested by directly accessing the publisher on 4503).

However, we have failed (almost at the first hurdle) when hitting the publisher via the dispatcher. Upon hitting the SAML protected content, we are faced with what appears to be a server-level (Apache-derived) log-in/password challenge.

What should be my first steps to check in the dispatcher configuration.

FYI, while I am an experienced AEM dev, I am not well versed in dispatcher config - this was historically handled for us by our hosting partner who, on this occasion, are not able to assist so I apologise in advance for what may seem a rather poorly defined and somewhat basic question. I would genuinely appreciate a steer.

1 Accepted Solution

Avatar

Correct answer by
Employee Advisor

For dispatcher, you need to allow POST request to saml_login:

/0100 { /type "allow" /method "POST" /url "*/saml_login" }

More details at [1]

[1] https://helpx.adobe.com/experience-manager/kb/how-to-troubleshoot-saml-related-issues-in-aem.html

View solution in original post

2 Replies

Avatar

Correct answer by
Employee Advisor

For dispatcher, you need to allow POST request to saml_login:

/0100 { /type "allow" /method "POST" /url "*/saml_login" }

More details at [1]

[1] https://helpx.adobe.com/experience-manager/kb/how-to-troubleshoot-saml-related-issues-in-aem.html

Avatar

Level 3

Thanks so much Jaideep,

You're answer is indeed correct and is definitely the best first step in configuring AEM SAML Integration.

In our situation, this had already been done and the root of our issue turned out to be related to our CDN. However, your answer has been moderated as correct and I would definitely agree. Our situation was too specific for anyone on here to give an answer based on the limited information I gave.