Client ID Allowlist requirement for Sites/Pages Management API (/adobe/sites/sm/ and /adobe/sites/pm/) in RDE environment

Hello ​@Meghana_N 

The API allowlist configuration you deployed is the correct mechanism for enabling IMS client IDs for OpenAPI-based AEM access, and there is not a separate AEM-side configuration file required specifically for the Sites/Page Management APIs.

Since the same configuration is already working for the Content Fragment OpenAPI, the most likely cause is not an additional AEM config requirement, but rather a difference in the Adobe Developer Console setup or token scopes being used for the Sites/Page Management API calls.

In particular, please verify the following:

1. The exact client ID used for the failing Sites/Page Management API call is the same client ID that was allowlisted in your api.yaml.
2. The Adobe Developer Console project includes the AEM CS Sites Content Management API.
3. The access token used for /adobe/sites/sm/ or /adobe/sites/pm/ includes the required Sites-related scope(s).
4. If any ADC configuration changes were made, please generate a fresh token and test again.

If the Content Fragment API works but the Sites/Page Management API does not, that typically points to a client ID / API card / scope mismatch rather than a missing API-specific configuration package on the AEM side.

​@SubbaraoGa1 thanks for the reply!

I see that the above mentioned configurations are present in my ADC.

I have added AEM CS Sites Content Management with scopes “openid, AdobeID, aem.fragments.management, aem.folders”, Will this work for Sites/Page Management API?

​@Meghana_N 

No, the current scope set will not be sufficient for the Sites/Page Management APIs.
Based on what you shared, your token currently contains:

• openid
• AdobeID
• aem.fragments.management
• aem.folders

That scope set is enough for Content Fragment-related operations, which matches what you are seeing today. However, for Sites/Page Management APIs, the token also needs the aem.sites scope.

So the key finding is:

• Working CF API → expected with aem.fragments.management + aem.folders
• Failing Sites/Page Management API → expected if aem.sites is missing

The AEM CS Sites Content Management API onboarding defines aem.sites as the scope for Site and Page Management features / Content API (Site & Page Management APIs).
Sources:

• AEM CS Sites Content Management API - Adobe Developer Console Onboarding

What to do next

Please try the following:

1. Re-open the ADC project configuration for AEM CS Sites Content Management
2. Verify that the API is exposing/selecting the aem.sites scope
3. If aem.sites is not present, remove and re-add the API card / credential
4. Generate a new access token
5. Decode the new token and confirm it now includes aem.sites
6. Retest the /adobe/sites/sm/ and /adobe/sites/pm/ endpoints

Important note

Since:

• the same client ID is already allowlisted in AEM, and
• the same client ID works for the CF APIs,

this strongly indicates the problem is now token scope-related, not an AEM configuration pipeline issue.

​@SubbaraoGa1 I just removed and re-added the API card but do not see any change in the scope 

openid, AdobeID, aem.folders, aem.fragments.management