Adobe Developer

Henry_Wing-KinLe · 8/26/25

Hi,

I've built an React app using the App Builder, along with runtime actions which connects to other systems (i.e. AEM). My runtime actions require authentication, as the following:

actions:
  assets:
    function: actions/aem/assets/index.js
    web: 'yes'
    runtime: nodejs:20
    inputs:
      LOG_LEVEL: debug
      AEM_HOST: $AEM_HOST
    annotations:
      require-adobe-auth: true

When I (as a developer) load the React App, the call to the runtime action executes successfully and loads the data properly.

However, for another user, when they open the App, the runtime action fails and they got this error message:

{
"error": "request is invalid, reason: failed authorization. Please verify your token and organization id."
}

I can also confirm that the call has the header `x-gw-ims-org-id` with the proper value passed.

I couldn't find it in the documentation, but is there any permissions needed for users to execute runtime actions?

Thank you,

Henry

tmj · 8/27/25

Good to know the issue has been resolved.

Yes, you'd need to adapt the steps. The core idea is that the user's product profiles need to match the product profiles used in the Developer Console Project/workspace. This ensures that a user with fewer privileges cannot access the app and gain access to something that they shouldn't have access to.

View solution in original post

tmj · 8/27/25

Hey Henry,

Could you look at the steps provided here and tell us if it resolves the issue for you?

https://experienceleaguecommunities.adobe.com/t5/app-builder-questions/aemaacs-and-asset-compute-cal...

Thanks
Manik

Henry_Wing-KinLe · 8/27/25

Hi @tmj ,

Thank you for your reply. I've checked the steps and it is not exactly my scenario.

In my case, it is the App that calls a runtime action, using the user's token generated by the App, which then calls AEM.

The error 401 seems to happen when the App tries to execute the runtime action using the user's token.

That being said, we played around the user's profile by adding/removing product profiles, and suddenly everything starts working fine for that user.

So, this is solved now, although I don't fully understand what the issue was.

Thanks,

Henry

tmj · 8/27/25

Good to know the issue has been resolved.

Yes, you'd need to adapt the steps. The core idea is that the user's product profiles need to match the product profiles used in the Developer Console Project/workspace. This ensures that a user with fewer privileges cannot access the app and gain access to something that they shouldn't have access to.