Hi Team,
I'm trying to expose contents in DAM to a third party application via Content Fragments and GraphQL query. I have created queries and persisted it. I have the below questions:
1. I would like to know the Authentication token to be passed in the API request
2. The GraphQL query in local instance gives the publish url of an asset like below in the response:
http://localhost:4503/content/dam/my-project/images/image%20(1).png
Would this be the same in graphql response in the prod environment as well?
like https://prod-domain/content/dam/my-project/images/image%20(1).png. If so, would I be able to access the image using that url directly?
Thanks,
Rakesh
Topics help categorize Community content and increase your ability to discover relevant content.
Views
Replies
Total Likes
Hi @rakesh_h2
By default all the GraphQL queries on publish instance is open for all and does not require authentication.
You can refer below article to secure the content and add permissions on top of it.
On second point, yes It will publish domain URL for an asset when you used _publishUrl option in GraphQL query.
Hope this helps!
Hi @iamnjain ,
On the second point, when I use the _publishUrl option in the query, I would get something like www.domain/content/dam/<path-to-image> in the query response in publish prod environment. But if I directly put the same url in browser, I get 403 Forbidden. How would I be able to use in the third party application then?
Hi @rakesh_h2
This seems weird. You mean, you are getting Publish domain with www instead of fully qualified publish domain starting with https?
When I tried on my prod instance, It's giving me correct results. Can you try on some other environment once?
Hi @iamnjain ,
When I tried in other environments, I get
"img": {
"altText": "Image Alt text",
"ariaLabel": "Image Alt text",
"mobileImage": {
"_path": "/content/dam/my-project/images/image (1).png",
"_authorUrl": "http://localhost:4502/content/dam/my-project/images/image%20(1).png",
"_publishUrl": "http://localhost:4503/content/dam/my-project/images/image%20(1).png",
"width": 396,
"height": 220
},
If I try in dev environment, I get a publish url for the image which is directly accessible in browser (without any authentication. meaning if I hit the url in browser, the image would get downloaded). But what I get in prod environment is not accessible in browser.
Sure! I am using this in Query
imagePath {
... on ImageRef {
_path
_publishUrl
}
In response, I am getting
"imagePath": {
"_path": "/content/dam/{path_to_image}",
"_publishUrl": "https://domain.com/content/dam/{path_to_image}"
}
Which is accessible over internet.
I can think of two possibilities in your case,
1. Are you able to access other images over Prod publish domain if you try manually any other image?
2. Publish URL configured properly on Prod Instance, less likely.
Yes, that's mentioned on Adobe documentation which I attached on earlier reply. You can refer that and to enable authentication. By default, It will be open for all.
@iamnjain Here it is mentioned to authenticate.
Authentication for Remote AEM GraphQL Queries on Content Fragments | Adobe Experience Manager
Hello @rakesh_h2
The GraphQL endpoints are publicly accessible, but the content that they return depends on user's access.
Example: if one sets up CUG, the results returned will be based on user's session.
For server-to-server authentication, you can use Service Credentials of AEM (Access tokens). Dedicated Service accounts when used with CUG should allow to expose only relevant data
@aanchal-sikka Makes sense now.
So if no CUG is applied for the content which the graphQL query accesses in query, no need of authentication for the API even in prod? The publishUrl of assets returned in the query result in prod would be accessible without any authentication?
Views
Likes
Replies