Expand my Community achievements bar.

SOLVED

Enable OAuth 2.0 Access Token approach on AEM publisher domain.

Avatar

Level 1
Level 1
8/4/23 1:55:34 AM

Hi 

We are following Oauth2.o approach access protected files from client (non-AEM) by defining custom scope where we have provided read only access to folders/files.

 

Use Case:

  • The client requests authorization by directing AEM for authorization.
  • The AEM server authenticates the resource owner and informs the user about the client and the data requested by the client.
  • Once the user grants permission to access the protected data, the AEM redirects the user to the client with the temporary authorization code.
  • The client requests an access token in exchange for the authorization code.
  • The AEM authenticates the client, verifies the code, and will issue an access token to the client.
  • Now the client can access protected resources by presenting the access token to the resource server.
  • If the access token is valid, the resource server returns the requested resources to the client

.

Above use case is working fine in AEM author where we are getting authorization code and receiving access token by making call from postman and able to get protected file information.

 

We are facing some challenges to implement this in the publishing domain. Please let me know if input on below issue.

 

How do we bypass access confirmation step in AEM dispatcher path as there is no option to login & authorized access while generating authorization code?

 

Pradeep29095261w9v9_0-1691138888652.png

 

         

Can we bypass the access confirmation step while generating authorization code as it requires manual login and   authorization.

We enabled OAuth Server Authentication Handler on Publisher domain and configured below rules in dispatcher filter but /oauth/authorize & /oauth/token are not working with domain URL.


/0217 { /type "allow" /method "GET" /url "/oauth/authorize" }
/0218 { /type "allow" /method "POST" /url "/oauth/token" }

Views

838

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee
Employee
8/4/23 8:37:04 AM
In response to Pradeep29095261w9v9

This feature is not supported for publish and in near future also there is no road map for this.

View solution in original post

Views

780

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Level 1
Level 1
8/4/23 8:32:27 AM
In response to Nishant-Singh

Hi Nishant,

I am following same approach and its work fine in author environment.

 

When I am trying to implement same in Publish domain, below request looking for user login option to authorize request but in publish domain we don't have login option to authorize and generate code.

 

https://<Publish_Domain>/oauth/authorize?response_type=code&client_id=<client_id>&scope=offline_acce...

Pradeep29095261w9v9_0-1691163011908.png

 

 

 

Views

783

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Employee
Employee
8/4/23 8:37:04 AM
In response to Pradeep29095261w9v9

This feature is not supported for publish and in near future also there is no road map for this.

Views

781

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
In AEM as a Cloud Service, In Repo Init config file how can I access Environment variables and secrets of different environments(DEV, Stage, Prod) ? Solved

Views

107

Likes

0

Replies

3
AEM cloud build Issue about htl-maven-plugin Solved

Views

128

Likes

0

Replies

4
AEM x Workfront Native Intergration - You do not have permissions to access this resource

Views

37

Likes

0

Replies

0
How to render react component in aem component

Views

83

Likes

0

Replies

2
Best practices Aem cloud to on premise migration

Views

34

Likes

0

Replies

0