Expand my Community achievements bar.

SOLVED

Adobe I/O - Creating Access Token (3rd Party Vendor)

Avatar

Level 4

Hello, 

 

I have a situation where a 3rd Party Vendor is in charge of my clients Website. I set up an Order Confirmation and Password Reset Event for Transactional Messaging in ACS. The 3rd party vendor will be providing the data identified in the Event that populates the ctx. Here's what I've done so far

 

1) I create a project in Adobe I/O to generate a JWT Token. I understand this token is to be used in order to generate the Access Token

2) I was able to create and test the Events/Transactional Messaging and send myself the emails. 

 

However, here is where I run into problems. I understand the Access Tokens are only good for 24 hrs and must be refreshed - however, I can't find any documentation that would explain how to refresh the token daily, other than manually logging into the Adobe Console UI, and going through the steps to generate that JWT and Access Tokens. 

 

There's got to be a way for a 3rd Party to gain access via script, where they would use the Private Key (I've provided it to them) to generate the token, then use the Token to generate the Access Token. 

 

My other question is, am I even using the correct service for this process? Should I be using OAuth or API Key authentication? 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi,

Thanks

David



David Kangni

View solution in original post

8 Replies

Avatar

Correct answer by
Community Advisor

Hi,

Thanks

David



David Kangni

Avatar

Administrator

Hi @holmes74338504,

Were you able to resolve this query with the given solution? Do let us know.

Thanks!



Sukrity Wadhwa

Avatar

Level 4
Yes I was. Unfortunately - having issue with the 3rd party in getting them to understand how to implement the process. They are trying to use the Java Script process outline in some documentation I found, and they're getting an Error Response Code while generating the access token with the JWT token: {"error":"invalid_client","error_description":"invalid client_id parameter"}. Trying to work with them to walk through the process again, as I believe they aren't using the correct information in the Client ID and Secrect Key fields. Do you have any thoughts>

Avatar

Community Advisor

Hi,

invalid_client can have two reasons:

  • 400 invalid_client: Integration does not exist. This applies both to the client_id parameter and the aud in the JWT. The client_id parameter and the aud field in the JWT do not match.
  • 401 invalid_client: Integration does not have the exchange_jwt scope. This indicates an improper client configuration. Contact the Adobe I/O team to resolve it. The client ID and client secret combination is invalid.

You need to connect to Adobe IO Console to get the correct information.

DavidKangni_0-1600953996550.png

Thanks,

David



David Kangni

Avatar

Level 9
Hi, I have a similar situation, we want to ideally enable monitoring for ACS API for our clients, however as the token expires our monitoring tool (blazemeter) does not have a way to regenerate the access token. Is there some recommendations for this please. Or any other solution where I can be able to monitor the APIs?

Avatar

Level 4
@mmbb110 We found a solution. There is some JavaScript we found in the documentation that our vendor will use (https://www.adobe.io/authentication/auth-methods.html#!AdobeDocs/adobeio-auth/master/JWT/JWT.md#crea...). From the documentation - he recreated the Public and Private Key. I then added the Public Key to the program I created in Adobe I/O Console. I provided him with the POST Request Header info (API Key, JWT Token, Org ID, etc) and he has been able to use the script to make a call daily and exchange the JWT KEY for an Access Token.

Avatar

Level 9
@holmes74338504 Thanks for the information, I am stuck on an information on the page where it mentions that body request.

Avatar

Level 4
@ mmbb110 - please list out the question you have regarding POST HEADER. I can guide you.