Get ready! An upgraded Experience League Community experience is coming in January.
SOLVED
AEM JWT Token
Hello Everyone,
I recognize that establishing a Service Account (JWT) through the Adobe Developer Console has been deprectaed (Authenticate and Access Experience Platform APIs | Adobe Experience Platform) and according to Adobe's guidelines, we should utilize the OAuth Server to Server authentication method (JWT Option has also been completely removed).
However, I still see we can create technical integration account through Environments (refer attached screenshot ) with a link like this https://dev-console-ns-team
And the JWT token generated here is functioning well for AEM assets HTTP APIs
My ask here is this the recomnded approach ?
Thanks
Topics
Topics help categorize Community content and increase your ability to discover relevant content.
1 Accepted Solution
Correct answer by
Hi @avesh_narang,
Adobe officially deprecated Service Account (JWT) in the Adobe Developer Console for all Experience Cloud products.
This means:
-
You cannot create new JWT credentials in the Developer Console anymore.
-
Existing JWT integrations will continue to work for now, but they are in maintenance mode.
-
The long-term supported authentication method is OAuth Server-to-Server.
What you are seeing in AEM Environments ("Technical Account", “Integrations”, etc.) is legacy UI that still exposes JWT credentials for backward compatibility, mainly because:
-
Many AMS/AEM customers still rely on them
-
Some AEM Assets HTTP APIs continue accepting JWT-based IMS tokens
But Adobe is not encouraging teams to rely on this mechanism going forward. It's only there so existing projects do not break.
So… is it recommended?
No.
It is supported temporarily, but not recommended for new implementations.
Adobe’s official guidance:
-
If you are building new integrations -> Use OAuth Server-to-Server.
-
If your existing JWT-based workflow works -> It will continue for now, but you should plan a migration timeline.
Why does the JWT from the environment page still work?
Because Adobe IMS hasn’t fully shut down JWT-based flows yet.
AEM Assets HTTP APIs still validate those tokens, but they are expected to be phased out as Adobe completes migration across Experience Cloud.
What should you do?
Use Adobe Developer Console -> OAuth Server-to-Server connection and update your integration code accordingly. That is the documented, supported approach moving forward.
Santosh Sai
Correct answer by
Hi @avesh_narang,
Adobe officially deprecated Service Account (JWT) in the Adobe Developer Console for all Experience Cloud products.
This means:
-
You cannot create new JWT credentials in the Developer Console anymore.
-
Existing JWT integrations will continue to work for now, but they are in maintenance mode.
-
The long-term supported authentication method is OAuth Server-to-Server.
What you are seeing in AEM Environments ("Technical Account", “Integrations”, etc.) is legacy UI that still exposes JWT credentials for backward compatibility, mainly because:
-
Many AMS/AEM customers still rely on them
-
Some AEM Assets HTTP APIs continue accepting JWT-based IMS tokens
But Adobe is not encouraging teams to rely on this mechanism going forward. It's only there so existing projects do not break.
So… is it recommended?
No.
It is supported temporarily, but not recommended for new implementations.
Adobe’s official guidance:
-
If you are building new integrations -> Use OAuth Server-to-Server.
-
If your existing JWT-based workflow works -> It will continue for now, but you should plan a migration timeline.
Why does the JWT from the environment page still work?
Because Adobe IMS hasn’t fully shut down JWT-based flows yet.
AEM Assets HTTP APIs still validate those tokens, but they are expected to be phased out as Adobe completes migration across Experience Cloud.
What should you do?
Use Adobe Developer Console -> OAuth Server-to-Server connection and update your integration code accordingly. That is the documented, supported approach moving forward.
Santosh Sai
