Adobe Experience Manager Sites & More

fperez · 3/15/22

I am trying to set the OAuth 2.0 flow for server to server communication. I am able to do the steps outlined here https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce4... up until the point of getting the token back form AEM. Using the token on the next request always gives a 404 response.

I have tested the manual flow to authorize the user and the JWT method as well with the same results. User is part of administrators group (just while I'm testing) so permissions are good and the scope has all permissions for /content/dam.

kautuk_sahni · 3/23/22

@Albin_Issac Users is facing Issues following your article on "OAuth 2.0 Server Functionalities in AEM — Deep Dive | How to Manage the Protected AEM Resources through OAuth 2.0".

Can you please help?

Kautuk Sahni

fperez · 3/24/22

Update on this: I can see the registered client correctly on AEM, I can also see the tokens granted, with the custom scope I created, containing jcr:all permissions for /content/dam. When I try to access anything in the JCR response is 404, and when I try servlets response is correct.

This points to me ACLs are the problem with Resource Resolver but user has access to those paths and scope does too.

fperez · 4/22/22

Final update:

I found out what the problem was. All of the setup was correct except one thing briefly mentioned in the article. All privileges are applied through the system user: oauthservice.

This user is in charge of applying the privileges for the custom scopes. I set permissions for /content/dam for that user and everything else worked.

Adobe Experience Manager Sites & More

AEM 6.5 after getting OAuth2 token everything returns 404

Kautuk Sahni

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe