AEM as OAuth2 Client: Access Token Payload and Cookie Decryption

Question

We configured Adobe Experience Manager (AEM) as an OAuth 2 client using a custom provider and setting up the Adobe "Granite OAuth Application and Provider."
Overall, the configuration is working fine, but we have encountered a couple of challenges related to the access token payload and cookie encryption. We would appreciate your guidance on the following matters:

Access Token Payload:
We would like to access the properties present in the access token payload. Could you please provide us with information on how we can access the access token payload within our AEM implementation? Any guidance or code examples would be highly appreciated.
Encrypted Cookie:
We attempted to save the access token in a cookie for further usage. However, we noticed that the cookie is encrypted. We would like to decrypt the cookie to extract the access token when necessary. Can you please advise us on the appropriate method or steps to decrypt the cookie and retrieve the access token?

DPrakashRaj · Accepted Answer

you can use jwt.io to decode the access token.

please refer to https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/verify-jwt-token-registered-oauth-clients/m-p/422055 and https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce4c7a5ef for details.

kautuk_sahni · Answer

@preetpal_bindra @harwinder-singh @gaurav_sachdeva_ @dprakashraj @mayursatav @rohan_garg @aanchal-sikka Can you please review this unanswered question? Appreciate your thoughts on this.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded