Expand my Community achievements bar.

Submissions are now open for the 2026 Adobe Experience Maker Awards.
Apply Now

Mark Solution

This conversation has been locked due to inactivity. Please create a new post.

SOLVED

Two factor authentication for crx

Avatar

Level 1
Level 1
9/23/20 10:01:45 PM

Hi Team,

  We are trying to implement MFA for AEM and referred this blog. 

However we are not sure how this can be done for crx explorer as well. 

 

http://localhost:4502/crx/explorer/index.jsp

 

Please can someone suggest any pointers?

 

Regards,

Jay 

Views

1.6K

Replies

5
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor and Adobe Champion
Community Advisor and Adobe Champion
9/24/20 1:51:07 AM

Hello @jay1122,

Considering it is CRX Explorer where limited access (only admins) is required, what's the use case which requires you to set up MFA on CRX level? Generally MFA is for business users on AEM welcome page where they do not have access to CRX at all.

 

There should always be a back door entry. If anything goes wrong in MFA authentication how would admins be able to login to AEM CRX? Also, changing core login mechanism is highly risky.

Jineet

View solution in original post

Views

1.5K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
5 Replies

Avatar

Correct answer by
Community Advisor and Adobe Champion
Community Advisor and Adobe Champion
9/24/20 1:51:07 AM

Hello @jay1122,

Considering it is CRX Explorer where limited access (only admins) is required, what's the use case which requires you to set up MFA on CRX level? Generally MFA is for business users on AEM welcome page where they do not have access to CRX at all.

 

There should always be a back door entry. If anything goes wrong in MFA authentication how would admins be able to login to AEM CRX? Also, changing core login mechanism is highly risky.

Jineet

Views

1.5K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 1
Level 1
9/24/20 1:57:19 AM
In response to Jineet_Vora
Hello @Jineet_Vora, Yes you are correct, biz users do not have access to crx explorer and only admins does. Our client is expecting to implement MFA and does not want to descope admin/developers We have multiple vendors accessing AEM so in our case it is understandable as to why client feels so..

Views

1.5K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor and Adobe Champion
Community Advisor and Adobe Champion
9/24/20 2:19:00 AM
In response to Jineet_Vora
There should always be a back door entry. If anything goes wrong in MFA authentication how would admins be able to login to AEM CRX? Also, changing core login mechanism is highly risky.

Views

1.5K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
9/24/20 3:08:31 AM

@jay1122 

For using MFA for crx/explorer you might need to touch the OOTB functionality as @Jineet_Vora  suggested which is not recommended or risky. 

@Jörg_Hoh @vanegi  Can you provide your views ?

Thanks,
Nikhil Kumar

Views

1.5K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee Advisor
Employee Advisor
9/24/20 1:25:32 PM

Ah. the good old CRX Explorer ... I don't think that this is possible, because it solely relies purely on JCR authentication and does not use Sling.

Views

1.5K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
403 Forbidden Error with OAuth Server-to-Server for AEM Assets Author API - Configuration Seems Correct Solved

Views

284

Likes

0

Replies

4
Hotfix for GRANITE-61551 Installation Solved

Views

212

Likes

0

Replies

3
How can we show only gated (Secure) Content for End User ? Solved

Views

164

Likes

0

Replies

2
Low AI Visibility (6%) for AEM website

Views

95

Likes

0

Replies

1
Different ways to Authenticate AEM Publish other than LDAP or SSO (AEM 6.5)

Views

301

Likes

0

Replies

5