Expand my Community achievements bar.

SOLVED

Token authorization in AEM

Avatar

Level 6
Level 6
12/20/22 7:52:19 PM

Hi,

 

We have configured our instances with SSO SAML configuration.

Authentication is working fine with SSO Azure Sign in.

But when a third party consumes our pages or ajax calls to fetch some internal data, they are getting 401 Un Authorized,

As a tenant we have created an APP with client id, secret and mentioned scope. With this, third party is able to generate token. But when they use token, they are getting 401. The reason is AEM is accepting only saml response currently. 

Is it something like, we have to configure OAuth as well for third party token authorization ?

 

Or any documentation for Oauth token authorization will be fine

 

Please suggest

Views

547

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
12/20/22 8:11:34 PM

Hello @akhilraj 

 

A custom Authentication Handler would be required to achieve this. It would validate the token and signature (with the public cert from the AEM truststore that belongs to the private key the token is signed with)

 

If successful, the user would be logged in and accordingly the response can be created.

 

Another option is to use Adobe IMS JWT and AEM Access Token

https://experience-aem.blogspot.com/2021/07/aem-cloud-service-get-adobe-ims-jwt-and-aem-access-token...

Aanchal Sikka

View solution in original post

Views

537

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Correct answer by
Community Advisor
Community Advisor
12/20/22 8:11:34 PM

Hello @akhilraj 

 

A custom Authentication Handler would be required to achieve this. It would validate the token and signature (with the public cert from the AEM truststore that belongs to the private key the token is signed with)

 

If successful, the user would be logged in and accordingly the response can be created.

 

Another option is to use Adobe IMS JWT and AEM Access Token

https://experience-aem.blogspot.com/2021/07/aem-cloud-service-get-adobe-ims-jwt-and-aem-access-token...

Aanchal Sikka

Views

538

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 6
Level 6
12/20/22 8:30:47 PM
In response to aanchal-sikka

Thanks @aanchal-sikka .

Is there any examples for custom authentication handler creation.?

The cert we installed in AEM trust store for SAML configuration already.

 

And our version of AEM is 6.5, so the second approach will work here ?

 

Views

532

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
12/21/22 7:18:06 AM

Please find the references discussed in the thread for custom authentication handler.

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-create-custom-authe...

 

Hope this is helpful.

Views

509

Replies

0
Sign in to like this content

Total Likes

Translate
Translate