Need best authentication model to access content | Community
Skip to main content
H
haq81
April 20, 2025
Question

Need best authentication model to access content

  • April 20, 2025
  • 1 reply
  • 511 views

Attached is the sample data that we need to expose to internet. We need to include all our assets in the json file. (.json is file not attachable in this. so I put it in .pdf)

 

Initially we had a scheduler in author which will scan all the assets and put it in /content/dam/assets.json and publish the asset.json.

Later the thridparty system can access by https://www.mydomain.com/content/dam/assets.json.

 

Now we have a requirement that we need to include the private assets(we maintain a field in asset metadata) also in the asset.json.

In this case we cannot show the private asset path in the assets.json.

 

We are looking for some authentication model so that the thirdparty system will be authenticated and access the /content/dam/assets.json.

 

Note:

1) we can change the path of  /content/dam/assets.json 

2) we can do the the authentication either in author or publish.

 

we need a solution for this.

 

 

 

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

1 reply

EstebanBustamante
Community Advisor and Adobe Champion
EstebanBustamanteCommunity Advisor and Adobe Champion
Community Advisor and Adobe Champion
April 21, 2025

Hey,

 

The right solution depends on your security setup. The easiest option is to go with Basic Authentication—just include a username and password in the request and protect your endpoint with those.

A better and more secure approach is using Service Credentials, but this only works if you're on AEM as a Cloud Service (AEMaaCS). You can check it out here: https://experienceleague.adobe.com/en/docs/experience-manager-learn/getting-started-with-aem-headless/authentication/service-credentials

 

If you want to go all-in on security, you can enable OAuth 2.0 and use access tokens. It’s more complex to set up, but definitely more secure. Here’s a guide: https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce4c7a5ef

 

For your use case, I think Service Credentials should work just fine.

 

Hope this helps.

 

Esteban Bustamante
    H
    haq81Author
    April 26, 2025
    Thanks Esteban Bustamante for you reply. unfortunately ours is not AEMasCS. Still we use OnPrem version managed by AMS.

    I can go with Oauth2.0 in author, but new serviceaccount is created under useradmin everytime we generate token. is there a way to control creating new useraccount?

    Terms & ConditionsAccessibility statement

    Loading footer...