Clarification on Service Account (JWT) Migration | Community
Skip to main content
christoffert559
christoffert559
March 12, 2025
Question

Clarification on Service Account (JWT) Migration

  • March 12, 2025
  • 2 replies
  • 838 views

Hello Adobe Team,

I received a notification regarding the deprecation of Service Account (JWT) credentials in favor of OAuth Server-to-Server credentials. As an administrator of the Play'n GO Malta Ltd organization, I need to confirm the status of our project.

Currently, I am unsure if the Service Account (JWT) credentials are actively being used. I have checked the insights, API calls, and activity logs, but found no activity. Could you please advise if there are any additional checks required to confirm whether these credentials are in use? For example, the last access token generation was in 2023. Can we consider that if there is no activity on this project, we can skip the migration, or even delete the project as there is no actual destination making a connection from Adobe?

Thank you for your assistance.

    2 replies

    tmj
    Adobe Employee
    tmjAdobe Employee
    Adobe Employee
    March 12, 2025

    Hello @christoffert559, have you seen this https://developer.adobe.com/developer-console/docs/guides/authentication/ServerToServerAuthentication/faqs/#how-can-i-verify-if-the-project-on-the-developer-console-is-being-used ? 

     

    I recommend looking at the Project's last service activity date (shown on the overview page) and the "Last access token generated at" timestamp on the JWT credential overview page to confirm whether the project or credential is in use. 

     

    After you confirm it is not in use, we recommend you to delete the JWT credential from the project or the entire project itself.

     

    Thanks
    Manik

    christoffert559
    christoffert559Author
    March 13, 2025

    Hi Manik, 

    Thanks for your swift response, 
    Yea, I have checked the link and items you mentioned, and as I said, I have checked the insights, API calls, and activity logs, but found no activity. 
    Also the Last access token generated is related to March 2023!. 

    So, I don't think we use this project. 

    What's your idea?

    Thanks
    Mo

      tmj
      Adobe Employee
      tmjAdobe Employee
      Adobe Employee
      March 17, 2025

      I cannot check your project to see the actual details. But if

      1. the last service activity date is very old, and
      2. the last access token generated at timestamp is also very old, and
      3. the insights tab does not display any activity

      then the credential is not active and can be deleted.

        Shaka
        Shaka
        Level 2
        April 11, 2025

        Thank you for reaching out. Based on your description, it seems like you're trying to determine whether the Service Account (JWT) credentials are still in use, given the lack of activity since the last access token was generated in 2023.

        Here are a few things you can check to ensure whether these credentials are still active or in use:

        1. API Calls and Logs:

        • Verify API Call Activity: Since you've already checked the activity logs and API calls, ensure that you're reviewing the correct timeframe. Double-check that there are no hidden or intermittent requests that could have been missed during routine checks.

        • Look for any access token usage: Even if the project hasn't had any activity recently, the presence of expired or inactive tokens could indicate that the credentials were still being used in some capacity.

        2. Access Tokens and Expiry:

        • The fact that the last access token generation was in 2023 might suggest inactivity, but also consider checking if the JWT tokens are still valid. If they are expired and there hasn't been a renewal request, it could be an indication that the credentials are no longer in use.

        • Tokens that haven't been refreshed in a while might also suggest that the project is dormant or no longer necessary.

        3. Review Your Adobe Services Configuration:

        • Check for any destination connections: Ensure that the Adobe product(s) or Adobe Experience Cloud services associated with your project aren't connected to any live endpoints or destinations. This would confirm whether Adobe services are still interacting with the credentials.

        4. Skip Migration or Project Deletion?

        • If there is no active use of the Service Account credentials, and if you confirm that no Adobe destination is relying on the project, then you can skip the OAuth migration process. However, before you delete the project, I’d recommend reaching out to your internal team or other stakeholders who may still have some legacy use cases or potential integrations planned.

        • Deleting the project is only advisable once you're absolutely certain that no other services or systems are depending on it.

        5. Recommended Next Steps:

        • Validate inactive project: If you’re confident that there’s no ongoing activity and no current dependencies on the project, you can move forward with deleting it.

        • Skip OAuth migration: Since there’s no active usage, you can defer migrating to OAuth credentials.

        If you are still unsure after verifying the above checks, I would recommend getting in touch with Adobe directly to ensure there are no hidden dependencies tied to the project.

        Let me know if you need any further assistance or have additional questions.

        Best regards,
        Shaka

        Terms & ConditionsAccessibility statement

        Loading footer...