Expand my Community achievements bar.

How can the public account authoriate to the app from exchange

Avatar

Level 1

We wanna create an app and publish it to exchange marketing, once public account authoriate to our app, we will have permission to call adobe api to create like data schema, dataflow, etc. under their organization. So we can push their customer data to adobe experience cloud.

As this scenery, how can the public account authoriate to our app, what is the specific flow and steps, or do we have some example apps like this?

2 Replies

Avatar

Community Advisor

Hi @Gray4 

 

Absolutely, I can guide you through the process. To allow public accounts to authorize your app and grant permissions for accessing Adobe APIs, you'll need to set up a proper OAuth 2.0 authentication flow. This will enable secure and controlled access to the Adobe Experience Cloud services.

Here's a step-by-step overview of the process:

  1. App Registration: Register your app with the Adobe Developer Console. This will provide you with the necessary credentials (Client ID and Client Secret) for authentication.

  2. Choose OAuth Flow: Decide on the OAuth flow that suits your use case. For public accounts, the Implicit or Authorization Code flow might be appropriate.

  3. Authorization URL: When public users want to authorize your app, redirect them to Adobe's authorization URL. This URL will initiate the login process and ask for their consent to access certain Adobe services.

  4. User Login and Consent: Users will be prompted to log in with their Adobe ID (if not already logged in) and then grant your app permissions to access their Adobe services. This consent is an important step, as it ensures user control over data access.

  5. Callback and Token: After consent is granted, Adobe will redirect the user back to your app's specified callback URL along with an authorization code. Your app will exchange this code for an access token and possibly a refresh token.

  6. Call Adobe APIs: With the access token, your app gains the permission to call Adobe APIs for creating data schemas, data flows, etc. You can make authorized API requests on behalf of the user's organization.

  7. Handling Token Renewal: Access tokens have an expiration time. If you have a long-term integration, you might need to implement token renewal using refresh tokens.

  8. Provide Documentation: Clearly document the authorization process in your app's documentation. This helps users understand how the authorization works and what permissions they are granting.

Remember, security is crucial here. Ensure that your app is secure against potential vulnerabilities, and follow Adobe's recommended practices for OAuth-based integrations.

As for examples, Adobe provides developer resources, guides, and sample applications that can help you understand the process better. Feel free to explore the Adobe Developer website for these resources.


Thanks
Partyush

Avatar

Administrator

@Gray4 Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.



Kautuk Sahni