Expand my Community achievements bar.

Applications for the 2024-2025 Adobe Experience Manager Champion Program are open!
Apply Here Now
SOLVED

Permission on Preview tier on AEM cloud

Avatar

Level 4
Level 4
2/7/24 8:24:21 AM

Hi All,

 

We are migrating from AEM 6.5 to AEM Cloud and wanted to utilize the preview tier on AEM cloud to preview the content before publishing.

Currently the website is using SAML authentication.

There are 2 requirements related to the preview tier

  • A particular user group with permission can access particular path in the preview.
  • Whitelist a domain so that a user with that domain will have access.

 

@arunpatidar @EstebanBustamante

Views

361

Replies

6
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
2/8/24 12:39:21 AM

Hi @SwetaB 
I think you can setup SAML for preview similar to PROD if the behaviour suppose to be same.

In case of some deviation, you can always extend SAML handler to add custom access checks.

 

https://docs.mktossl.com/docs/experience-manager-learn/cloud-service/authentication/saml-2-0.html?la... 



Arun Patidar

View solution in original post

Views

266

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
6 Replies

Avatar

Level 4
Level 4
2/7/24 11:00:40 PM
In response to SureshDhulipudi

Hi Suresh,

 

I know that the url is accessible like and doesn't require any access, that is why we need to add user permission to the preview environment. 

I was thinking to have the same SAML setup enabled as we do for the publish environments but then how that can be configured.

Views

290

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
2/7/24 9:47:52 PM

Hi @SwetaB 

To enable preview functionality in AEM Cloud and meet the two requirements related to SAML authentication, you can follow these steps:

  1. Configure SAML authentication in AEM Cloud: You will need to configure SAML authentication in AEM Cloud to enable users to authenticate using their SAML credentials. This can be done using the Adobe I/O Console. 
    https://experienceleague.adobe.com/docs/experience-manager-65/content/security/saml-2-0-authenticati... 
    https://docs.mktossl.com/docs/experience-manager-learn/cloud-service/authentication/authentication.h... 

  2. Configure preview access: To enable preview access for a particular user group with permission to access a particular path, you can create a custom access control policy in AEM Cloud. This can be done using the AEM Cloud console.
    https://docs.mktossl.com/docs/experience-manager-65/content/forms/administrator-help/work-with-docum... 
    https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/implementing/using-... 

  3. Whitelist a domain: To whitelist a domain so that users with that domain will have access to the preview, you can create a custom authentication handler in AEM Cloud. This can be done using the AEM Cloud console.
    https://docs.mktossl.com/docs/experience-manager-65/content/security/closed-user-groups.html?lang=en 
    https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/authentication-handler-in-... 

  4. Test preview functionality: Once you have configured SAML authentication, preview access, and whitelisted the domain, you can test the preview functionality in AEM Cloud. You can log in using your SAML credentials and verify that users in the specified user group have access to the preview and users with the whitelisted domain can access the preview.
    https://docs.mktossl.com/docs/experience-manager-65/content/implementing/developing/testing/tools.ht... 



Views

300

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
2/7/24 11:21:09 PM
In response to Raja_Reddy

Hi Raja,

 

Can you elaborate or give more examples for point 2 and 3?

If I enable SAML setup on preview environment aswell how to do that.

How do we set up user access policy on preview env?

Are you suggesting customize the saml authentication to accomodate the whitelisting of domain, any example?

Note: this whitelisting of domain is required in publish aswell.

Views

280

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
2/8/24 12:39:21 AM

Hi @SwetaB 
I think you can setup SAML for preview similar to PROD if the behaviour suppose to be same.

In case of some deviation, you can always extend SAML handler to add custom access checks.

 

https://docs.mktossl.com/docs/experience-manager-learn/cloud-service/authentication/saml-2-0.html?la... 



Arun Patidar

Views

267

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Administrator
Administrator
2/8/24 4:11:36 AM

@SwetaB Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.



Kautuk Sahni

Views

247

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Replication through code in AEM as cloud service

Views

18

Likes

0

Replies

0
Page move action in AEM 6.5.15

Views

44

Likes

0

Replies

1
Product in AEM

Views

67

Likes

0

Replies

1
jcr:lastModified & jcr:lastModifiedBy not updating in AEM as cloud

Views

97

Likes

0

Replies

3
Repository Initialization: How to set deny and allow permission for groups

Views

69

Likes

0

Replies

2