Expand my Community achievements bar.

Elevate your expertise and be recognized as a true influencer! Nominations for the exclusive Adobe Community Advisor program 2023 are now OPEN.

Custom servlet and JWT Token auth


Level 1

Hi everyone, 

My scenario is the following: I created a custom servlet (registered to a path, lets say /bin/servlet) that is getting called from an external system and it performs a couple of actions on the Assets (moving and setting metadata values). The servlet is only available in author instances.

My question is if there's any simple way of securing the servlet endpoint to work as the Assets HTTP API do, where you need to generate a JWT and then exchange it for a bearer token to be able to call the AEMaaCS instance.

If not, what are the correct ways of securing servlets when using AEMaaCS.

0 Replies