Adobe Campaign Classic v7 & Campaign v8

wankang · 4/17/23

Dear engineer, i create one jssp, it can only access localhost, but this jssp need to face to external internet, how to control jssp authentication, i think may be use session#logon(), but do not how to to do at jssp. could someone help give an example to me.

Marcel_Szimonisz · 4/18/23

Hello @wankang ,

you call the session#logon() and parse out the session token which you can use in calling JSSP endpoint

If you read over xtk:jsspcontext.js in JS libraries you can authenticate using:

You can pass this token over GET request

https://example.com/namespace/myrest.jssp?__sessiontoken=<sessiontoken>

which is not secure because GET requests are often cached in various places like web servers, proxies, and the user's browser history, and therefore can potentially expose the token to unauthorized access.

You can use instead POST request header "X-Security-Token"

Marcel Szimonisz

MarTech Consultant
for more tips visit my blog
https://www.martechnotes.com/

View solution in original post

Marcel_Szimonisz · 4/18/23

Hello @wankang ,

you call the session#logon() and parse out the session token which you can use in calling JSSP endpoint

If you read over xtk:jsspcontext.js in JS libraries you can authenticate using:

You can pass this token over GET request

https://example.com/namespace/myrest.jssp?__sessiontoken=<sessiontoken>

which is not secure because GET requests are often cached in various places like web servers, proxies, and the user's browser history, and therefore can potentially expose the token to unauthorized access.

You can use instead POST request header "X-Security-Token"

Marcel Szimonisz

MarTech Consultant
for more tips visit my blog
https://www.martechnotes.com/

Adobe Campaign Classic v7 & Campaign v8

external system call jssp

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe