OAuth S2S token returns 401 Unauthorized on AEM Assets Author API despite valid token and correct product profile setup

Question

helloIam getting 401 Unauthorized (Request ID: dfdd5853-ae50-4978-8598-ff799907f15f)when calling the AEM Assets Author OpenAPI endpoint using OAuth S2S credentials. Token generates successfully from IMS but AEM rejects it. OAuth S2S credential is created in Adobe Developer Console - AEM Assets Author API added to ADC project - AEM Assets Collaborator Users product profile linked to credential - Technical user (client ID: 1da17ea4b1954c9da17171502f8e7371) is visible in AEM Author/tools /Security/Users api.yaml deployed via Cloud Manager Non-Production Pipeline successfullyToken generates with scope:AdobeID, openid, aem.assets.author, aem.foldershttps://author-p24103-e71623.adobeaemcloud.com/adobe/assets/urn:aaid:aem:4fc05bc8-d8f7-4630-9852-31fc7cf3462d/metadataUse Case:We have a GitHub Actions batch job in my github repo (EDS one) , that needs to:1. READ Content Fragments as JSON from /content/dam/{name}/{folderdescriptions}/{productId}2. WRITE/UPDATE a specific field (aiDescription) back to those Content Fragments we are using the AEM OpenAPI endpoints: -READ: GET /adobe/sites/cf/fragments?path=/content/dam/{name}/{descriptionsfolder}/{productId} - WRITE: PATCH /adobe/sites/cf/fragments/{fragmentId}Please advise on what additional configuration is needed to allow OAuth S2S read and write access to Content Fragments under /content/dam/{name}/descriptions

avesh_narang · Answer

Hi ​@jay15,401 means - Token is getting rejected due to scope / mapping orAPI mismatch.To debug further I would recomend to share curl/Postman collectionThanks

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded