Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

[AEM Gems Webinar] Accelerating Experience Manager as a Cloud Service development with Rapid Development Environments
SOLVED

On-Demand service API bad request, question regarding IDs

Avatar

Level 2

My API requests to the on-demand service APIs are being rejected as status 400, bad requests.

There appears to be two flavors of the PHP SDK:

  • aemmobile-sdk-for-php - This contains the SDK, and recipes
  • aemmobile-api-examples - This contains a different version of the SDK, and numerous demos

First, I'm able to use my ClientID on https://aex.aemmobile.adobe.com and obtain my Device ID and Device Token.

aem-aex.png

Next, I plug those values combined with the returned AEM Mobile On-Demand services form from Adobe in the configure.php:

aem-code.png

After which, I can successfully run the demos - I can get my access token, create articles, assemble and upload articles, add to collections, etc... Seemingly things are working perfectly.

When I look the output from the PHP script, things seem in order:

aem-php.png

However, when I debug that network call through a proxy, I'm seeing different values (X's below are hiding values)

device_idAEBE7800FAXXXXXXXXXXD36080XXXXXXXXXX87A038F41C292080XXXXXXXXXXC8
client_idProjectCentral12
client_secret814506d8-XXXX-XXXX-XXXX-XXXXXXXXXXXX

First, the client ID doesn't match - I'm not even sure where this "ProjectCentral12" is coming from.

Next, the device ID's UUID is in a different form.

Finally, the client secret does not match my UUID.

What's confusing about this, is that when I curl to test the API using my assigned values, I get http status 400, bad request.

However, when I use these values from above, the API call works.

So, my question is:

  1. Why are my own values not accepted?
  2. What format is the device ID supposed to be in?
1 Accepted Solution

Avatar

Correct answer by
Employee

Hi Jason,

Can you modify the scope to AdobeID,openid ? It doesn't appear to be right and that's why you get a 400 Bad Request (invalid scope)

POST call for authentication :

https://ims-na1.adobelogin.com/ims/token/v1?grant_type=device&client_id=your_client_id&client_secret=your_secret&scope=AdobeID,openid&device_id=your_device_generated&device_token=your_token_generated

client_id + client_secret => API key that you have received from Adobe;

device_id + device_token => these values generated with the AEX tool

Thanks,

Andrei

View solution in original post

0 Replies

Avatar

Level 2

If it helps, here are two code segments consuming the API:

Using these values that I traced through debug proxy works:

aem-works.png

However, using my assigned values fails:

aem-fails.png

Avatar

Correct answer by
Employee

Hi Jason,

Can you modify the scope to AdobeID,openid ? It doesn't appear to be right and that's why you get a 400 Bad Request (invalid scope)

POST call for authentication :

https://ims-na1.adobelogin.com/ims/token/v1?grant_type=device&client_id=your_client_id&client_secret=your_secret&scope=AdobeID,openid&device_id=your_device_generated&device_token=your_token_generated

client_id + client_secret => API key that you have received from Adobe;

device_id + device_token => these values generated with the AEX tool

Thanks,

Andrei

Avatar

Level 2

Andrei,

Reducing the scope to AdobeID,openid appears to resolve the issue.

Thanks for the insight.