Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

Token authorization in AEM

Avatar

Level 6
Level 6
12/20/22 7:52:19 PM

Hi,

 

We have configured our instances with SSO SAML configuration.

Authentication is working fine with SSO Azure Sign in.

But when a third party consumes our pages or ajax calls to fetch some internal data, they are getting 401 Un Authorized,

As a tenant we have created an APP with client id, secret and mentioned scope. With this, third party is able to generate token. But when they use token, they are getting 401. The reason is AEM is accepting only saml response currently. 

Is it something like, we have to configure OAuth as well for third party token authorization ?

 

Or any documentation for Oauth token authorization will be fine

 

Please suggest

Views

766

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
12/20/22 8:11:34 PM

Hello @akhilraj 

 

A custom Authentication Handler would be required to achieve this. It would validate the token and signature (with the public cert from the AEM truststore that belongs to the private key the token is signed with)

 

If successful, the user would be logged in and accordingly the response can be created.

 

Another option is to use Adobe IMS JWT and AEM Access Token

https://experience-aem.blogspot.com/2021/07/aem-cloud-service-get-adobe-ims-jwt-and-aem-access-token...

Aanchal Sikka

View solution in original post

Views

756

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Correct answer by
Community Advisor
Community Advisor
12/20/22 8:11:34 PM

Hello @akhilraj 

 

A custom Authentication Handler would be required to achieve this. It would validate the token and signature (with the public cert from the AEM truststore that belongs to the private key the token is signed with)

 

If successful, the user would be logged in and accordingly the response can be created.

 

Another option is to use Adobe IMS JWT and AEM Access Token

https://experience-aem.blogspot.com/2021/07/aem-cloud-service-get-adobe-ims-jwt-and-aem-access-token...

Aanchal Sikka

Views

757

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 6
Level 6
12/20/22 8:30:47 PM
In response to aanchal-sikka

Thanks @aanchal-sikka .

Is there any examples for custom authentication handler creation.?

The cert we installed in AEM trust store for SAML configuration already.

 

And our version of AEM is 6.5, so the second approach will work here ?

 

Views

751

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
12/21/22 7:18:06 AM

Please find the references discussed in the thread for custom authentication handler.

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-create-custom-authe...

 

Hope this is helpful.

Views

728

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
I have 2 filters and they are running in the wrong order Solved

Views

127

Likes

0

Replies

3
Not able to use credentials for login after installing AEM service pack 9 for 6.5 Solved

Views

153

Likes

0

Replies

3
Will there be issue deploying AEM Bundles compiled on Java 11 to the AEM Instance running in Java 8? Solved

Views

108

Likes

0

Replies

1
Suggestion | Creating a Custom Video Plugin for aem as cloud services Rich Text Editor

Views

104

Likes

0

Replies

2
Facing issues in node_modules in photoshop api

Views

73

Likes

0

Replies

0