Adobe credentials for standalone actions execution

Question

We successfully implemented a Firefly App that fetches data from an external API and writes data into Adobe Analytics (using the old API 1.4). This works perfekt since the action can use the UI-User credentials (read from params) like this:    const resHeaders = {
      "authorization": params.__ow_headers["authorization"],
      "x-api-key": params.__ow_headers["x-api-key"],
      "w-gw-ims-org-id": params.__ow_headers["w-gw-ims-org-id"],
      "x-api-key": params.__ow_headers["x-api-key"]
    }      but where does the action gets the credentials if there is no UI providing the params? what "user/key" does it have to execute requests against Analytics API? or can I somewhere add credentials to manually set the desired values?Thanks a lot for the support!

duynguyen_adobe · Accepted Answer

Hi @urs_boller , first of all it would be good to identify whether your app is an SPA or headless, as described in the Security Overview . I assume you have the `require-adobe-auth` flag set to true for your actions.

If it is an SPA, the user token must be passed from the Adobe Experience Cloud (ExC) Shell, specific to the user session you are logged in.

If it is a headless app, you need to pass a service token which is obtained with the JWT auth flow.

You could also use a user token in a headless app to call the backend services, as long as it has valid authorization and scopes. However, you can not use a service token to call backend services of an SPA, because the session has to be tied to a specific user.

Please let me know if something needs further clarification.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded