Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Custom servlet and JWT Token auth

Wildfiresss
Level 1
Level 1

Hi everyone, 

My scenario is the following: I created a custom servlet (registered to a path, lets say /bin/servlet) that is getting called from an external system and it performs a couple of actions on the Assets (moving and setting metadata values). The servlet is only available in author instances.

My question is if there's any simple way of securing the servlet endpoint to work as the Assets HTTP API do, where you need to generate a JWT and then exchange it for a bearer token to be able to call the AEMaaCS instance.

If not, what are the correct ways of securing servlets when using AEMaaCS.

0 Replies