Expand my Community achievements bar.

SAML authentication for end users

Avatar

Level 1
Level 1
3/8/24 7:18:18 AM

Hi there,

I'm writing this post to ask for some clarifications about cloud saml authentication for end users.

In the past, looking for a solution to authenticate end users on some of our portals, saml authentication was highly discouraged, especially for portals with a big userbase (millions of users). Many said saml authentication was used only for authoring or administration purposes.

Now, i bumped into this guide: https://experienceleague.adobe.com/docs/experience-manager-learn/cloud-service/authentication/saml-2....

Has anything changed during these years? Can we use saml2 authentication on publish to authenticate a very large userbase? Is there any limitation to take into consideration?

I'm asking this because we are taking into consideration the option of using this method of authentication for our end users.

 

Thanks in advance for your support.

Views

494

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
4 Replies

Avatar

Community Advisor
Community Advisor
3/8/24 11:30:09 AM

SAML 2.0 is generally considered to be secure and scalable. However, there are some limitations to consider.

  • SAML can be complex to set up and maintain, especially for large organizations.
  • SAML relies on XML, which can be verbose and slow to process.
  • SAML does not support strong authentication by itself.

If you are considering using SAML 2.0 for a large user base, it is important to weigh the benefits and drawbacks carefully. You may also want to consider other SSO protocols, such as OAuth 2.0 or OpenID Connect.

Views

483

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
3/8/24 1:15:06 PM

SAML we generally use for Single Sign On (SSO) solution.

In AEM - SAML can be used for both Author and Publish instances (Login and access)

but

SAML for end user - not recommended. For end user - you can use Registration Process (registered users) - create login id and password to register users and provide authentication.

SAML authentication involves several redirects and XML parsing, which can add latency to the authentication process. For a large number of users, this could potentially impact performance

The guide above is the process to set up SAML For AEM instances.

Views

472

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
3/11/24 1:27:34 AM

But, in your experience, is it worth to authenticate the end user on AEM or is it better to use a separate mechanism (for example authenticate directly from frontend to an external service, without going through AEM)?

Views

434

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Administrator
Administrator
3/14/24 2:49:01 AM

@usr24 Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.



Kautuk Sahni

Views

394

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Unable to find users , user roles , company information through Mangento Rest API in postman

Views

130

Likes

0

Replies

1
Adobe Developers Live, November 2024, Session | Extension Manager for AEM

Views

195

Likes

0

Replies

0
Adobe Developers Live, November 2024, On-Demand Session | Orchestrating Commerce APIs for headless implementations

Views

193

Likes

0

Replies

0
Adobe Developers Live, November 2024, On-Demand Session | Dynamic Media Masterclass: Best Practices for Performant Delivery

Views

134

Likes

0

Replies

0
AEM session management and user access

Views

225

Likes

0

Replies

6