Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

AEM 6.5 after getting OAuth2 token everything returns 404

Avatar

Level 2

I am trying to set the OAuth 2.0 flow for server to server communication. I am able to do the steps outlined here https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce4... up until the point of getting the token back form AEM. Using the token on the next request always gives a 404 response.

 

I have tested the manual flow to authorize the user and the JWT method as well with the same results. User is part of administrators group (just while I'm testing) so permissions are good and the scope has all permissions for /content/dam.

 

 

3 Replies

Avatar

Administrator

@Albin_Issac Users is facing Issues following your article on "OAuth 2.0 Server Functionalities in AEM — Deep Dive | How to Manage the Protected AEM Resources through OAuth 2.0".

 

Can you please help?

 

Avatar

Level 2

Update on this: I can see the registered client correctly on AEM, I can also see the tokens granted, with the custom scope I created, containing jcr:all permissions for /content/dam. When I try to access anything in the JCR response is 404, and when I try servlets response is correct.

 

This points to me ACLs are the problem with Resource Resolver but user has access to those paths and scope does too. 

Avatar

Level 2

Final update:

I found out what the problem was. All of the setup was correct except one thing briefly mentioned in the article. All privileges are applied through the system user: oauthservice.

This user is in charge of applying the privileges for the custom scopes. I set permissions for /content/dam for that user and everything else worked.