SOLVED

Enable OAuth 2.0 Access Token approach on AEM publisher domain.

Hi 

We are following the OAuth 2.0 approach to access protected files from a client (non-AEM) by defining a custom scope where we have provided read-only access to folders/files.

 

Use Case:

  • The client requests authorization by directing AEM for authorization.
  • The AEM server authenticates the resource owner and informs the user about the client and the data requested by the client.
  • Once the user grants permission to access the protected data, the AEM redirects the user to the client with the temporary authorization code.
  • The client requests an access token in exchange for the authorization code.
  • The AEM authenticates the client, verifies the code, and will issue an access token to the client.
  • Now the client can access protected resources by presenting the access token to the resource server.
  • If the access token is valid, the resource server returns the requested resources to the client.

The above use case is working fine in AEM author, where we are getting the authorization code and receiving the access token by making calls from Postman, and we are able to get the protected file information.

 

We are facing some challenges implementing this in the publishing domain. Please let me know if you have any input on the issue below.

 

How do we bypass the access confirmation step on the AEM dispatcher path, as there is no option to log in and authorize access while generating the authorization code?

 


Can we bypass the access confirmation step while generating the authorization code, as it requires manual login and authorization?

We enabled the OAuth Server Authentication Handler on the Publisher domain and configured the rules below in the dispatcher filter, but /oauth/authorize & /oauth/token are not working with the domain URL.


/0217 { /type "allow" /method "GET" /url "/oauth/authorize" }
/0218 { /type "allow" /method "POST" /url "/oauth/token" }
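
The client side of the authorization code exchange listed in the use case above, as an added example that is not part of the original post or Adobe's code. The host, client ID, redirect URI and scope name are constructed placeholders, and the parameter names are the standard OAuth 2.0 ones (RFC 6749); it shows why the flow needs an interactive resource-owner step between the two requests.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed placeholder values; none of these come from the original thread.
AEM_HOST = "https://aem.example.com"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://client.example.com/callback"
SCOPE = "example_read_scope"  # hypothetical custom read-only scope


def new_state():
    """Random per-request value that ties the callback to this authorization request."""
    return secrets.token_urlsafe(16)


def build_authorize_url(state):
    """URL the resource owner is sent to (GET /oauth/authorize) to log in and consent."""
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "scope": SCOPE,
        "redirect_uri": REDIRECT_URI,
        "state": state,
    })
    return f"{AEM_HOST}/oauth/authorize?{query}"


def extract_code(callback_url, expected_state):
    """Read the temporary authorization code from the redirect, rejecting a bad state."""
    params = parse_qs(urlsplit(callback_url).query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    returned = params.get("state", [""])[0]
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this request")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]


def build_token_request(code, client_secret):
    """Endpoint and form body the client POSTs to /oauth/token to obtain the access token."""
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "client_id": CLIENT_ID,
        "client_secret": client_secret,
        "redirect_uri": REDIRECT_URI,
    })
    return f"{AEM_HOST}/oauth/token", body
```
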

1 Accepted Solution

Correct answer by
Employee

This feature is not supported for publish, and there is also no roadmap for this in the near future.

3 Replies

Hi Nishant,

I am following the same approach and it works fine in the author environment.

 

When I try to implement the same in the Publish domain, the request below looks for a user login option to authorize the request, but in the publish domain we don't have a login option to authorize and generate the code.

 

https://<Publish_Domain>/oauth/authorize?response_type=code&client_id=<client_id>&scope=offline_acce...
