Expand my Community achievements bar.

Radically easy to access on brand approved content for distribution and omnichannel performant delivery. AEM Assets Content Hub and Dynamic Media with OpenAPI capabilities is now GA.

Custom servlet and JWT Token auth


Level 1

Hi everyone, 

My scenario is the following: I created a custom servlet (registered to a path, lets say /bin/servlet) that is getting called from an external system and it performs a couple of actions on the Assets (moving and setting metadata values). The servlet is only available in author instances.

My question is if there's any simple way of securing the servlet endpoint to work as the Assets HTTP API do, where you need to generate a JWT and then exchange it for a bearer token to be able to call the AEMaaCS instance.

If not, what are the correct ways of securing servlets when using AEMaaCS.

0 Replies