Adobe Experience Manager Sites & More

Hi @iamnjain ,

On the second point, when I use the _publishUrl option in the query, I would get something like www.domain/content/dam/<path-to-image> in the query response in publish prod environment. But if I directly put the same url in browser, I get 403 Forbidden. How would I be able to use in the third party application then?

Hi @rakesh_h2 

This seems weird. You mean, you are getting Publish domain with www instead of fully qualified publish domain starting with https?

When I tried on my prod instance, It's giving me correct results. Can you try on some other environment once?

Hi @iamnjain ,

When I tried in other environments, I get

"img": {
"altText": "Image Alt text",
"ariaLabel": "Image Alt text",
"mobileImage": {
"_path": "/content/dam/my-project/images/image (1).png",
"_authorUrl": "http://localhost:4502/content/dam/my-project/images/image%20(1).png",
"_publishUrl": "http://localhost:4503/content/dam/my-project/images/image%20(1).png",
"width": 396,
"height": 220
},

If I try in dev environment, I get a publish url for the image which is directly accessible in browser (without any authentication. meaning if I hit the url in browser, the image would get downloaded). But what I get in prod environment is not accessible in browser.

@iamnjain , Could you pls provide your fully qualified publish domain url. You can mask sensitive data. Just wanted to see the structure.

Sure! I am using this in Query

imagePath {
... on ImageRef {
_path
_publishUrl
}

In response, I am getting 

"imagePath": {
"_path": "/content/dam/{path_to_image}",
"_publishUrl": "https://domain.com/content/dam/{path_to_image}"
}

Which is accessible over internet.

I can think of two possibilities in your case, 

1. Are you able to access other images over Prod publish domain if you try manually any other image?

2. Publish URL configured properly on Prod Instance, less likely.

Hi @iamnjain ,

On the first point, when I publish my GraphQL query in prod publish, I can access it from an external application without any authentication?

Yes, that's mentioned on Adobe documentation which I attached on earlier reply. You can refer that and to enable authentication. By default, It will be open for all.

@iamnjain Here it is mentioned to authenticate.

Authentication for Remote AEM GraphQL Queries on Content Fragments | Adobe Experience Manager

@rakesh_h2 Please check the below documentation

https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/headless/security/a...

https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/implementing/develo...

@aanchal-sikka Makes sense now.

So if no CUG is applied for the content which the graphQL query accesses in query, no need of authentication for the API even in prod? The publishUrl of assets returned in the query result in prod would be accessible without any authentication?