Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

AEM 6.5: API Calls made using bundle in Author instance

Leena_1
Level 4
Level 4

Hi Everyone,

 

Currently I have an on-premise AEM 6.5 that is running a bundle in Author instance. This bundle provides the middleware API to communicate with the Adobe templates. 

 

As an admin, I like to avoid adding users in the Administrator's group unless it is absolutely necessary. I like to create a new user group that provides sufficient permissions and access level for the users in the group to perform their task successfully. 

 

1. What steps need to be taken to create this user group? 

2. Are there any existing groups in Adobe default setup that can be added to the User Group?

3. Is there any useful documentation on this topic?

 

Thanks in advance for the response,

Leena

1 Accepted Solution
PulkitJain
Correct answer by
Employee
Employee

@Leena_1 

AEM uses ACLs to determine what actions a user or group and can take and where it can perform those actions. And accordingly give permissions to the users or groups to access AEM pages or perform a particular task. Here is a document that will provide you elaborate steps to configure and maintain user authorization in AEM - https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security.html?l...

 

For your use-case, once you create a group, you may give permissions on particular nodes of the CRX so that the user that is added to the group will be able to perform the task accordingly. 

AEM also provides a set of built-in users and groups that you can add to your custom group.

 

Hope this helps!

 

View solution in original post

2 Replies
PulkitJain
Correct answer by
Employee
Employee

@Leena_1 

AEM uses ACLs to determine what actions a user or group and can take and where it can perform those actions. And accordingly give permissions to the users or groups to access AEM pages or perform a particular task. Here is a document that will provide you elaborate steps to configure and maintain user authorization in AEM - https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security.html?l...

 

For your use-case, once you create a group, you may give permissions on particular nodes of the CRX so that the user that is added to the group will be able to perform the task accordingly. 

AEM also provides a set of built-in users and groups that you can add to your custom group.

 

Hope this helps!

 

View solution in original post

Mayank_Gandhi
Community Advisor
Community Advisor

@Leena_1  You need to create and use service user for this. 

A service user is a JCR user with no password set and a minimal set of privileges that are necessary to perform a specific task. Having no password set means that it will not be possible to login with a service user.

A way to deprecate an administrative session is to replace it with service user sessions. It could also be replaced by multiple sub-service users if needed.

 

https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/security-servic...