Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.
SOLVED

AEM publisher as a middleware

Avatar

Level 4

Hi Experts,

 

We are creating a dynamic component in AEM (SPA Angular) called the search widget component, which calls a third-party API. This call can be triggered from the browser, but the API requires an API key, which we don't want to expose in the network call. Therefore, we are considering triggering the call from the publisher as a servlet.

 

Is it recommended to use the publisher as middleware in this case?

 

Since this component is expected to handle significant traffic, with 200-400 TPS, relying on the publisher may not be ideal.

 

I understand that publishers are not designed to handle such activities. In this situation, what would be the ideal solution?

 

Your help is greatly appreciated!

 

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

My recommendation is to proxy the call from the CDN layer itself. You should be able to set the required API keys at the CDN level, which allows you to use the same DNS to invoke the APIs at the browser level. This approach also helps hide the API keys and prevents unnecessary traffic from reaching the AEM publish layer.

Please refer to https://medium.com/tech-learnings/implementing-cross-domain-cookie-handling-for-seamless-api-integra... for more details

Regards

Albin

https://myprofile.albinsblog.com

View solution in original post

2 Replies

Avatar

Community Advisor

Hi @Nandujee 

In your case you can try the aem+ reverse proxy approach which can be used to redirect the request to 3rd party server through dispatcher without affecting your publisher 

 

sherinregi_0-1725859630455.png

 

 

refer the blog for impl details : https://techrevel.blog/2024/06/09/aem-reverse-proxy/

 

Avatar

Correct answer by
Community Advisor

My recommendation is to proxy the call from the CDN layer itself. You should be able to set the required API keys at the CDN level, which allows you to use the same DNS to invoke the APIs at the browser level. This approach also helps hide the API keys and prevents unnecessary traffic from reaching the AEM publish layer.

Please refer to https://medium.com/tech-learnings/implementing-cross-domain-cookie-handling-for-seamless-api-integra... for more details

Regards

Albin

https://myprofile.albinsblog.com