Level 2

AEM 6.5 after getting OAuth2 token everything returns 404

Forum|Forum|3 years ago
March 15, 2022
3 replies
1308 views

I am trying to set the OAuth 2.0 flow for server to server communication. I am able to do the steps outlined here https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce4c7a5ef up until the point of getting the token back form AEM. Using the token on the next request always gives a 404 response.

I have tested the manual flow to authorize the user and the JWT method as well with the same results. User is part of administrators group (just while I'm testing) so permissions are good and the scope has all permissions for /content/dam.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

kautuk_sahni

Community Manager

@albinis1 Users is facing Issues following your article on "OAuth 2.0 Server Functionalities in AEM — Deep Dive | How to Manage the Protected AEM Resources through OAuth 2.0".

Can you please help?

Kautuk Sahni

F

fperez-1Author

Level 2

Update on this: I can see the registered client correctly on AEM, I can also see the tokens granted, with the custom scope I created, containing jcr:all permissions for /content/dam. When I try to access anything in the JCR response is 404, and when I try servlets response is correct.

This points to me ACLs are the problem with Resource Resolver but user has access to those paths and scope does too.

F

fperez-1Author

Level 2

Final update:

I found out what the problem was. All of the setup was correct except one thing briefly mentioned in the article. All privileges are applied through the system user: oauthservice.

This user is in charge of applying the privileges for the custom scopes. I set permissions for /content/dam for that user and everything else worked.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded