thanks pawan , we will try this option also please let me know which authentication handler can sync entire user group in AEM if OOTB  LDAP VS OOTB SAMLI see LDAP will be the right option for this and SAML can only sync users to only one group configured in handler and we have manually create groups...

we are on a intranet portal and need role based content based on user groups

Looks like AEM OOTB segmentation does not offer user groups based content personalization until the user group is mapped as a profile attribute ?is there a way that we can use user group name in the client context and segmentation rules OOTB without custom data store?

Also if you are using AEM TarMk, you need to sync the preferences across publish instances as well.in case of MongoDB - DB should take take the end user preference sync.

Thanks Jörg.Approach Still it is not yet decided we might use both CUG for authorization and Client Context for cache safe personalization of menu header as it is via ajax and also give author control over different experience.And still the menu fragments can be cached.

Hi,Thanks for the info, I did not specify this earlier , In my case i do not want to store end user profile in AEM so after external authentication(SAML) want to drive restricted menus on headers having a teaser and different menu campaigns attached created by authors .This gives authors to preview ...

Hi,Thanks for the info, I did not specify this earlier , In my case i do not want to store end user profile in AEM so after external authentication(SAML) want to drive restricted menus on headers having a teaser and different menu campaigns attached created by authors .This gives authors to preview ...

       yes these 200k users will be mapped to multiple roles in identity and would like to use that information via client context custom data store for authorization can white list the URLs for roles with regex patterns as custom config acl like we white list selectors or use saml to authorize the ...

Hi All,Using AEM as an intranet portal  - following are my thoughts on enabling role based menu navigation for end user - some links hidden for certain roles / some links disabledoption 1 - client context would be my recommendation any view on this or any other better?1) use the client context with ...

Thanks sham - That's exactly we need by which internet and intranet content are only replicated to required publish.