Musings on SharePoint, Adobe CQ, ECM, and more…

Implementing Single Sign On in AEM using SAML

SAML stands for “Security Assertion Markup Language.” It is an XML-based standard for communicating identity information between organizations and the cloud. It is used for enabling the secure transmittal of authentication tokens and other user attributes across cloud domains.

AEM 5.6 and above ships with a SAML authentication handler. This handler provides support for the SAML 2.0 Authentication Request and acts as a SAML service provider.

If you have never heard of SAML before, I suggest viewing the videos below. These SAML 101 videos explain the basics of SAML beautifully: what SAML is, how it works, and why it is important.

The SAML authentication handler in AEM provides support for:

  • Signing and encryption of messages
  • Automatic creation of CRX users and groups
  • Service Provider and Identity Provider initiated authentication
  • Storing the encrypted SAML response message in the user node (usernode/samlResponse) to facilitate communication with a third-party Service Provider
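To make the Service Provider initiated flow listed above concrete, here is an added example (not from the original post and not Adobe's code) that builds a SAML 2.0 Authentication Request, encodes it with the standard HTTP-Redirect binding, and decodes it again to check what the service provider is actually sending. The entity ID, URLs, and function names are constructed for illustration, and the choice of the redirect binding is an assumption about the deployment.

```python
import base64
import uuid
import zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlencode, urlparse

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"

def build_authn_request(sp_entity_id, acs_url, idp_sso_url):
    """Build the AuthnRequest XML a service provider sends to start SSO."""
    req = ET.Element(f"{{{SAMLP}}}AuthnRequest", {
        "ID": "_" + uuid.uuid4().hex,  # unique per request; the response echoes it
        "Version": "2.0",
        "IssueInstant": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
        "Destination": idp_sso_url,
        "AssertionConsumerServiceURL": acs_url,
        "ProtocolBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
    })
    ET.SubElement(req, f"{{{SAML}}}Issuer").text = sp_entity_id
    return ET.tostring(req, encoding="unicode")

def to_redirect_url(request_xml, idp_sso_url, relay_state):
    """HTTP-Redirect binding: raw DEFLATE, then base64, then URL-encoding."""
    deflater = zlib.compressobj(wbits=-15)  # -15 = raw DEFLATE, no zlib header
    deflated = deflater.compress(request_xml.encode("utf-8")) + deflater.flush()
    query = urlencode({"SAMLRequest": base64.b64encode(deflated).decode("ascii"),
                       "RelayState": relay_state})
    return f"{idp_sso_url}?{query}"

def decode_redirect_url(url):
    """Reverse the binding to inspect a captured redirect."""
    params = parse_qs(urlparse(url).query)
    raw = base64.b64decode(params["SAMLRequest"][0])
    # For XML from untrusted sources, prefer a hardened parser such as defusedxml.
    root = ET.fromstring(zlib.decompress(raw, -15))
    return {"issuer": root.findtext(f"{{{SAML}}}Issuer"),
            "acs_url": root.get("AssertionConsumerServiceURL"),
            "destination": root.get("Destination"),
            "relay_state": params.get("RelayState", [None])[0]}

def find_mismatches(decoded, expected):
    """Return the fields whose decoded value differs from the expected configuration."""
    return sorted(k for k, v in expected.items() if decoded.get(k) != v)

if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    sp, idp = "https://aem.example.com", "https://idp.example.com/sso"
    url = to_redirect_url(build_authn_request(sp, sp + "/saml_login", idp), idp, "/content/home.html")
    print(decode_redirect_url(url))
```

Comparing the decoded issuer and assertion consumer URL against what the identity provider has registered is a quick way to find the mismatch behind a rejected login.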

Shankar of AEM Club did a brilliant job with a step-by-step article on how to set up SAML authentication on AEM:
http://adobeaemclub.com/setting-saml-authentication/

Here is another great article on AEM 6 and SAML integration:
https://helpx.adobe.com/experience-manager/kb/saml-demo.html

If you want to dig deeper, please refer to the official documentation on how to implement SAML with AEM:
https://docs.adobe.com/docs/en/aem/6-1/administer/security/saml-2-0-authenticationhandler.html

Praveen Modi

Technology guy. AWS and Adobe Certified Solutions Architect. Works on Adobe AEM/CQ, Amazon Web Services, Azure. Loves Amazon Alexa and currently tinkering with Google Assistant. Chief Editor @ http://www.awesomesome.com
