Expand my Community achievements bar.

SOLVED

AEM to Target Integration migration from Service Account (JWT) credentials to OAuth Server-to-Server credentials

Avatar

Level 1

Hi,

 

I recently received email to "Migrating from Service Account (JWT) credential to OAuth Server-to-Server credential" - here is the link in the email -  https://developer.adobe.com/developer-console/docs/guides/authentication/ServerToServerAuthenticatio...

 

The migration works well in the developer console, but once the old JWT credential is deleted, when I go in AEM in the "ADobe IMS Technical Account" and check the health of the connection, I get now error Dev Adobe Target IMS: failed to get access token from authorization server status: 400 response: {"error_description":"The client must have the exchange_jwt scope.","error":"invalid_client"} 

 

Any suggestion on how to fix this urgently is appreciated.

 

Thanks,
Krass

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

1 Accepted Solution

Avatar

Correct answer by
Level 1

Looks like the AEM team will be responsible to update the AEM IMS Client config to use the new OAuth Server-to-Server credential. In the meantime, the old JWT credential will be still valid.

View solution in original post

11 Replies

Avatar

Employee
Employee

Hi @krassibb

 

Did you also update your AEM instance to use the new credential?

 

Thanks
Manik

Avatar

Level 1

Hi @tmj,

 

Yes, I did update the credentials in AEM IMS configuration. Although, the configuration fails on the JWT Payload mandatory section.

 

Please notify the AEM product team about the issue.

 

Thanks,

Krass

Avatar

Correct answer by
Level 1

Looks like the AEM team will be responsible to update the AEM IMS Client config to use the new OAuth Server-to-Server credential. In the meantime, the old JWT credential will be still valid.

Avatar

Level 1

Did we get a solution for this ? I am facing the same issue "Dev Adobe Target IMS: failed to get access token from authorization server status: 400 response: {"error_description":"The client must have the exchange_jwt scope.","error":"invalid_client"} "

Avatar

Level 2

We are having the same issue after migrating from JWT to OAuth. I'm unable to find any documentation on how to migrate our on-prem AEM to this new authentication.

 

Adobe-Target-IMS-IO: failed to get access token from authorization server status: 400 response: {"error_description":"The client must have the exchange_jwt scope.","error":"invalid_client"}

Edit: we have created a support ticket at Adobe to check if can revert the migration since AEM does not support OAuth for the export of Experience Fragments to Target yet.

Avatar

Employee
Employee

Hi @varun790 , please allow me a few days to chase down the official timeline on when AEM will support the new OAuth credentials. Be assured it will be well before the EOL in Jan 2025.

 

Thanks for your patience
Manik

Avatar

Employee
Employee

Hello folks, quick update, AEM is targeting to release support for OAuth Server-to-Server credentials by April 2024. 

Avatar

Employee
Employee

Hello folks, quick update, AEM is targeting to release support for OAuth Server-to-Server credentials by April 2024. 

 

Avatar

Level 2

Meanwhile SP21 has been delivered which contains support for oauth:
https://experienceleague.adobe.com/en/docs/experience-manager-65/content/release-notes/release-notes...

 

A hotfix for lower versions is available for download via the Software Distribution page.