Adobe Developer

filipe23353816 · 9/1/23

Hi,

Maybe a dumb question but we have API calls using the "Authorization": "Basic " ... and does that mean that it does not make use of Service account (JWT) credentials? So such a process would not need to change when we migrate our Service account (JWT) projects to OAuth?

Best regards,

Filip

tmj · 9/2/23

@filipe23353816 I cannot answer authoritatively as I don't know your code well. However, it does sound that you are right. Service Account (JWT) credentials use bearer tokens and not basic authentication.

I think another reasonable tell would be the domain name of the API calls made with the `Authorization: Basic XXXX' header. If the calls are not going to https://ims-na1.adobelogin.com/ims/token/ , then you can certainly skip them as they are not impacted by this migration.

Hope this helps.

Thanks
Manik

EstebanBustamante · 9/12/23

Correct.

The "Authorization": "Basic " means you are using a regular "Username / Password" as an authenticate method to access your instance. This of course is not ideal because you have the password exposed in your code and represents a security breach. That's why you should use any other more robust authentication method such as JWT or OAuth. But beyond the security issue (if you accept the risk) you should be fine, you don't have to migrate it.

Adobe Developer

"Authorization": "Basic " not included in OAuth migration?

Esteban Bustamante

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe