Hello All,
We have a requirement where we want to expose AEM servlet URLs to a third-party application using Azure AD OAuth authentication.
We are using AEM 6.5 with the 6.5.21 service pack (AEM standalone on an Azure VM and not AEM as cloud).
We have an author environment only and all servlets are secured by authentication by default (Basic Auth). Instead of basic authentication, we want to use Azure Entra OAuth, where the third-party application will get an access token from Azure and pass it as Bearer {access_token} in the Authorization header to the AEM servlet.
We want it to be server to server authentication, i.e. 2-legged authentication using client_credentials grant type.
The third party will call Azure, get an access token, and pass it to the AEM servlet. It should authenticate and the servlet should be triggered.
Is it possible from the AEM side? As AEM supports only 3-legged authentication, not 2-legged, I am not able to get any firm documentation for it or any working code. If it is possible, can you please send any documentation for it or working scenarios for it, and what changes/configurations need to be made from the AEM side?
If needed, we can get on a call for more details.
Note: There is only an author environment, no publisher. So, servlets are behind authentication only (by default).