Expand my Community achievements bar.

Join us at Adobe Summit 2024 for the Coffee Break Q&A Live series, a unique opportunity to network with and learn from expert users, the Adobe product team, and Adobe partners in a small group, 30 minute AMA conversations.
SOLVED

New Analytics Integration - Node? JWT? API1.4 or 2.0? Documentation?

Avatar

Level 2

Hello all, I've kicked of the new year with the intention of building Adobe Analytics in to my Company's CMS. It's seems like it's the worst possible time to do that as adobe services are being decommissioned and new service are appearing - but without full functionality?

I want to authenticate with Adobe Analytics and return some report information and edit segments via their respective API's. I'm using Node to do this and it will all be automated - no user interaction required (so no OAuth 2.0 consent screens - needs to be server-to-server auth).

First I tried Analytics API 1.4 (because I wasn't aware of 2.0), I got to the point of creating a jwt_bearer type 'Legacy OAuth Application' via this (temporary?) portal: https://legacy-oauth.cloud.adobe.io/

Then I just got stuck because I couldn't locate any documentation that specified the auth urls for exchanging the JWT token.

First Question:

Where can I find documentation on how to generate the payload of a valid JWT token for Adobe Analytics API 1.4? I assume that it used to be on this page that no longer exists (redirects): https://marketing.adobe.com/developer

As I was frustratingly looking around for answers Adobe Analytics API 2.0 popped up - great! Problem is 2.0 doesn't currently support service accounts. I found this out via a forum thread: Re: Creating an OAuth client for a third-party integration?

Second Question:

Does Adobe Analytics API 2.0 support service accounts, if not when will it?

Furthering that, it seems that you can actually authenticate service accounts right now - but upon attempting to use this authentication on Analytics API endpoints returns this for me: "Profile not valid"

https://analytics.adobe.io/api/${Organization ID}/collections/suites?limit=10&page=0

headers: {

     x-api-key: Adobe API Key,
     x-proxy-company-id: Org ID,
     Content-Type: 'application/json',
     Accept: 'application/json',
     Authorization: 'Bearer ' + access_token

}

{

     error_code: '403025',

     message: 'Profile is not valid'

}

EDIT:
I originally misunderstood what was meant by Global Company ID, after locating this from using the documentation here, Overview, I now receive a different response:

{

     errorCode: 'invalid_token',

     errorDescription: 'User associated with ims token could not be found or company not found.',

     errorId: 'auth-2fc29476-xxxx-xxxx-xxxx-c11c49cc6598'

}

Third Question:
Am I receiving this error because Analytics is not ready for use with service accounts yet?

Here are some resources I've already been looking at to try and resolve without posting here

- GitHub Docs: GitHub - AdobeDocs/analytics-1.4-apis: Documentation and helpful resources for calling the Analytics...

- Swagger Docs (API 1.4): Swagger UI

- Service Account Auth (API 1.4): analytics-1.4-apis/auth_service_account.md at master · AdobeDocs/analytics-1.4-apis · GitHub
- AEC Developer Docs (Mainly dead links): Developer
- Adobe I/O JWT Quickstart Guide (API 2.0): auth-methods

Final Question:

Can I actually achieve what I am attempting right now? I don't mind using 1.4 and upgrading later, I just need to get this working ASAP!

1 Accepted Solution

Avatar

Correct answer by
Level 2

olivere79958636

I can't speak as any authority on the subject, but I did notice there was a pull release on the AdobeDocs github page referring to JWT support for 2.0 coming around the target date of 2/13 (today).

DO NOT MERGE UNTIL Admin Console changes are live (2/13 target) - Added docs about JWT by mike2184 ·...

albeit not official, it's a good sign.

View solution in original post

11 Replies

Avatar

Level 2

As of Jan 29, 2019, it looks like they don't support service accounts for 2.0 yet, but soon?:
"In Q1 2019 (coming very soon), Analytics will support JWT authentication for situations that require server-to-server, service-token, or other long-running authentications."

How to get a new access token using refresh token

Avatar

Employee Advisor

Sam is 100% correct here. Q1 2019, and that answer is straight from our API team.

Avatar

Level 2

@Gigazelle I can see that Q1 2019 is mentioned in a few places, which is also the same as saying beginning of 2019, or coming soon, so it could be any time in the next 50 days. I'm trying to get a more accurate time than this. (Regardless, thank you Sam for adding to this thread)

Also I asked about access to documentation for the Adobe Analytics API 1.4 seeing as the functionality for JWT auth is not yet available on 2.0 but appears to be using 1.4 - just no way of reading how it works. Since 2.0 has been launched the documentation for 1.4 has broken links everywhere and redirects to marketing.adobe all the time.

Avatar

Correct answer by
Level 2

olivere79958636

I can't speak as any authority on the subject, but I did notice there was a pull release on the AdobeDocs github page referring to JWT support for 2.0 coming around the target date of 2/13 (today).

DO NOT MERGE UNTIL Admin Console changes are live (2/13 target) - Added docs about JWT by mike2184 ·...

albeit not official, it's a good sign.

Avatar

Level 2

GREAT! This is exactly what I was after, at least even if they get delayed it should be within the next few days judging from that last comment.

Great find though Sam, I was looking at the readme pull-requests in January, completely forgot about them.

Avatar

Level 2

I can confirm that JWT 2.0 is now working for me:

Console logs for JWT Login then a request for all segments. 200 response code, (gave me 401 before).

1690978_pastedImage_0.png

Avatar

Level 1

Hi Olivere,

did you manage to make further requests to the API?

I created a JWT-Token, successfully requested an acces token and got the global company id from the the discovery-endpoint. But i couldn't make call other endoints like users, segements or reports.

Example:

https://analytics.adobe.io/api/myCompID/users/me

header = {

'Content-Type': 'application/json',

'Accept': 'application/json',

'x-api-key': '52...35',

'Authorization': 'Bearer eyJ4...lNKQ',

'x-proxy-global-company-id': 'myCompID'

}

Response: 401 - {"errorCode":"invalid_token","errorDescription":"User associated with ims token could not be found or company not found.","errorId":"auth-338dd46d-8831-4461-a624-2a075d6a21f1"}

Wouldn't it be impossible to call /discovery if i had bad token?

Sometimes i get that 'profile' error message instead.

How about you?

Avatar

Level 2

I have a couple of things for you to try:

- Make sure you have the correct permissions setup in adobe.io

- Make sure that you can make request in Adobe's Swagger UI before you try making your own (also make sure the company ID is the same in the url swagger generates)

If you have your auth working correctly, using the same request from Swagger with your own auth should work fine.

Link to swagger: Swagger UI

Avatar

Level 1

- I currently have select all available permissions in adobe.io

- swagger UI works perfectly, but it shows a different API-Key than the Adobe.IO backend. Replacing the API-Key does not help.

I am quite clueless right now. I don't understand, why i'm able to get an access token and call /discovery but not e.g. /users/me.

It only works if i copy the the access token from SwaggerUI. But i need to be able to generate my own token automatically as soon as it expires.