We are using a nonce worker to avoid loading inline scripts, but the SAML authentication handler contains a form that redirects to the OKTA login page.
This form includes an unsafe inline script, which prevents the page from rendering and redirects to the OKTA login page.
Has anyone faced this issue?
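A way to confirm which inline script in a handler response a nonce-based policy will refuse, as an added example that is not part of the original post and is not AEM or Okta code. The function names, the sample form, the IdP URL and the nonce value are all assumptions constructed for illustration.

```javascript
// Parse a Content-Security-Policy header value into {directive: [sources]}.
function parseCsp(header) {
  const policy = {};
  for (const part of header.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    // Per CSP, the first occurrence of a directive wins; later duplicates are ignored.
    if (name && !(name.toLowerCase() in policy)) policy[name.toLowerCase()] = sources;
  }
  return policy;
}

// Return one finding per inline <script> element, saying whether the policy lets it run.
// Simplifications: regex scanning instead of a full HTML parser, and hash sources are
// recognised (they disable 'unsafe-inline') but not matched against script bodies.
function auditInlineScripts(html, cspHeader) {
  const policy = parseCsp(cspHeader);
  const sources = policy['script-src'] || policy['default-src'];
  const findings = [];
  for (const [, attrs, body] of html.matchAll(/<script\b([^>]*)>([\s\S]*?)<\/script>/gi)) {
    if (/\bsrc\s*=/i.test(attrs)) continue; // external script, not inline
    let allowed = true, reason = 'no script-src or default-src in policy';
    if (sources) {
      const nonce = (attrs.match(/\bnonce\s*=\s*["']?([^"'\s>]+)/i) || [])[1];
      // A nonce or hash source makes browsers ignore 'unsafe-inline'.
      const strict = sources.some(s => /^'(nonce|sha(256|384|512))-/i.test(s));
      if (nonce && sources.includes(`'nonce-${nonce}'`)) reason = 'nonce matches';
      else if (!strict && sources.includes("'unsafe-inline'")) reason = "'unsafe-inline' in effect";
      else { allowed = false; reason = nonce ? 'nonce does not match policy' : 'no nonce attribute'; }
    }
    findings.push({ allowed, reason, snippet: body.trim().slice(0, 40) });
  }
  return findings;
}

// Constructed sample: an auto-submitting SAML POST form like the one described above.
// The IdP URL, nonce and SAMLRequest value are placeholders, not real handler output.
const CSP = "default-src 'self'; script-src 'self' 'nonce-r4nd0mPerRequest'";
const SAML_FORM = `<html><body>
<form method="post" action="https://idp.example.com/sso/saml">
<input type="hidden" name="SAMLRequest" value="PLACEHOLDER"/></form>
<script>document.forms[0].submit();</script>
</body></html>`;
const NONCED_FORM = SAML_FORM.replace('<script>', '<script nonce="r4nd0mPerRequest">');

console.log(auditInlineScripts(SAML_FORM, CSP));   // blocked: script carries no nonce
console.log(auditInlineScripts(NONCED_FORM, CSP)); // allowed: nonce matches the policy
```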
Hi @rajsamala-hgs,
Please check the server-side configuration for the SAML authentication handler. Generally, we configure a SAML authentication handler in AEM to act as a proxy for Okta authentication. This handler will redirect users to Okta's login page, handle the OAuth 2.0 PKCE flow, and exchange the authorization code for an access token and ID token.
Also, utilize Sling Resource Access Control (Sling RAC) to protect specific routes or resources. Configure Sling RAC rules to restrict access to these protected areas based on the presence of a valid Okta access token.
-Tarun
@rajsamala-hgs Did you find the suggestion helpful? Please let us know if you require more information. Otherwise, please mark the answer as correct for posterity. If you've discovered a solution yourself, we would appreciate it if you could share it with the community. Thank you!