Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

Can you set up folder level permissions for Assets HTTP API?

uafzal
Level 2
Level 2

I have a scenario where multiple developers need to access the same AEM DAM environment. Each developer will have their own workspace folder in the DAM. They will be accessing the assets and updating the metadata in their respective folders using the Assets HTTP API.

 

Is there a way to apply HTTP API (token-based) permissions for each developer so that they perform operations in their own specified folders in AEM DAM and by accident not mess up other workspaces?

HTTP-API
1 Accepted Solution
BrianKasingli
Correct answer by
Community Advisor
Community Advisor

@uafzal,

One way, you can create an AEM user for each of your developers with ACL (read,write,delete) permissions to only allow specific folder path restrictions.

View solution in original post

5 Replies
BrianKasingli
Correct answer by
Community Advisor
Community Advisor

@uafzal,

One way, you can create an AEM user for each of your developers with ACL (read,write,delete) permissions to only allow specific folder path restrictions.

View solution in original post

uafzal
Level 2
Level 2

@BrianKasingliThank you for the response.

The developers need to access the DAM using the HTTP API - HTTP API works with service credentials/access-tokens - Each developer will have the same service credentials because they are on the same AEM instance.
How will I link each AEM developer user with the HTTP API access? 

BrianKasingli
Community Advisor
Community Advisor

With POSTMAN you can do something like this:
http://localhost:4502/api/assets/my-site/carouselFolder.json

BrianKasingli_1-1616609959918.png

Use Basic Authentication, and after authentication, the "Authorization" value will be set In the header.

BrianKasingli_0-1616610054776.png

I hope this helps.

Jörg_Hoh
Employee
Employee

Don't give the developers Admin access to that instance, but limit the permissions of the users they are using.