Expand my Community achievements bar.

SOLVED

AEM 6.5: API Calls made using bundle in Author instance

Avatar

Level 5
Level 5
8/31/21 1:15:19 PM

Hi Everyone,

 

Currently I have an on-premise AEM 6.5 that is running a bundle in Author instance. This bundle provides the middleware API to communicate with the Adobe templates. 

 

As an admin, I like to avoid adding users in the Administrator's group unless it is absolutely necessary. I like to create a new user group that provides sufficient permissions and access level for the users in the group to perform their task successfully. 

 

1. What steps need to be taken to create this user group? 

2. Are there any existing groups in Adobe default setup that can be added to the User Group?

3. Is there any useful documentation on this topic?

 

Thanks in advance for the response,

Leena

Views

380

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee Advisor
Employee Advisor
8/31/21 9:29:15 PM

@aemuser001 

AEM uses ACLs to determine what actions a user or group and can take and where it can perform those actions. And accordingly give permissions to the users or groups to access AEM pages or perform a particular task. Here is a document that will provide you elaborate steps to configure and maintain user authorization in AEM - https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security.html?l...

 

For your use-case, once you create a group, you may give permissions on particular nodes of the CRX so that the user that is added to the group will be able to perform the task accordingly. 

AEM also provides a set of built-in users and groups that you can add to your custom group.

 

Hope this helps!

 

View solution in original post

Views

377

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Employee Advisor
Employee Advisor
8/31/21 9:29:15 PM

@aemuser001 

AEM uses ACLs to determine what actions a user or group and can take and where it can perform those actions. And accordingly give permissions to the users or groups to access AEM pages or perform a particular task. Here is a document that will provide you elaborate steps to configure and maintain user authorization in AEM - https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security.html?l...

 

For your use-case, once you create a group, you may give permissions on particular nodes of the CRX so that the user that is added to the group will be able to perform the task accordingly. 

AEM also provides a set of built-in users and groups that you can add to your custom group.

 

Hope this helps!

 

Views

378

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Employee Advisor
Employee Advisor
8/31/21 10:49:42 PM

@aemuser001  You need to create and use service user for this. 

A service user is a JCR user with no password set and a minimal set of privileges that are necessary to perform a specific task. Having no password set means that it will not be possible to login with a service user.

A way to deprecate an administrative session is to replace it with service user sessions. It could also be replaced by multiple sub-service users if needed.

 

https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/security-servic...

Views

375

Replies

0
Sign in to like this content

Total Likes

Translate
Translate