Adobe Summit 2025: AEM Session Recordings Are Live! Missed a session or want to revisit your favorites? Watch the latest recordings now.
SOLVED
User group sync issue with IMS and SAML IDP (non Azure or Google)
hi @shubhanshu_singh ,
These are some steps to troubleshoot and fix the issue:
Check the SAML provider configuration in AEM and make sure that the group information is being passed correctly from the provider to AEM. You can check the SAML response for the group information.
Check if the group sync is enabled in your AEM instance. You can do this by going to the User Management Console, clicking on the "Sync" tab, and checking if the "Sync Groups" option is enabled.
Check the logs in AEM to see if there are any errors related to group sync. You can check the error logs in the error.log file in the crx-quickstart/logs directory.
Make sure that the group path in AEM matches the group name in the SAML provider. If they don't match, the group sync will not work.
Try manually creating the group in AEM and see if it syncs with the SAML provider. If it does, then there might be an issue with the automatic group creation in AEM.
@shubhanshu_singh - This is not related to your query but you mentioned in the question that if the group doesn't exist it gets created.
As far as I can recall, the group sync requires to have the group created in AEM so that the user when logging in is auto assigned to the group.
Can you please confirm on this?
