how we can secure our Assets REST API?

Question

I am working on AEM and SPA, here I want to use Assets REST API but want to know how I can secure our Assets REST API.
 
how we can configure OAuth with Assets REST API?
 
If there is any suggestion/example it will really helpful.

Priyanku_Dwivedi · Accepted Answer

Hi @abhishekty : To take the advantage of the Oauth authentication mechanism, depending upon the use case, some custom development might be required.

Please refer the below article on How to Manage the Protected AEM Resources through OAuth 2.0
https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce4c7a5ef

Mayank_Gandhi · Answer

@abhishekty For reading yes it would be a good way to proceed with Oauth.

AEM provides three scopes:

Profile
Offline access
Replicate

AEM’s extensible OAuth scopes allow other custom scopes to be defined. For example, a custom scope can be developed and deployed to AEM.

have a look at the below samples:

https://experienceleague.adobe.com/docs/experience-manager-gems-events/assets/oauth-server-functionality-in-aem-7-23-14.pdf?lang=en

https://github.com/Adobe-Consulting-Services/acs-aem-samples/tree/legacy/bundle/src/main/java/com/adobe/acs/samples/authentication

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded