Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Adobe Summit 2023 [19th to 23rd March, Las Vegas and Virtual] | Complete AEM Session & Lab list
See the List & Register

JWT Based Oauth Access Token Issue with multi Dispatcher/Publisher setup

Avatar

Level 2
Level 2
‎04-02-2022 00:05 PST

I have a 2 publisher - 2 dispatcher setup (one-to-one mapping). I have implemented a JWT Based Oauth on my publishers. I generated individual Oauth Clients on both the publishers and therefore both have different client id & client secret. Thus the JWT tokens generated for both are different and so the calls to get the access token for both pubs are different.

Ask is to only have one call which can be honored by both pubs to get the access token

Q1. Is there a way that both my pubs can have a similar oauth client?

I tried a few approaches as below:

  1. Replicate the oauth client from author to my pubs but it dint work and it was not replicated.
  2. Created an oauth client on one pub, packaged it and tried to install on other pub. It dint work as oauth client is a part of admin user and both pubs have different admin users. 

 

Now when i try to get the access token from AEM with help of one JWT token from a 3rd party system, the ALB's direct the traffic to either of the dispatchers and subsequently to the respective publishers.

As JWT calls are different for both publishers, when my ALB directs request to the dispatcher/publisher which matches the client, it gives the access token response while if the request goes to other it doesn't give the response as the JWT doesn't match.

Can anyone suggest how to tackle this situation?

Is it possible to have a 2 dispatcher/publisher setup for data fetch requests through oauth or it only works for 1 dispatcher/publisher setup. 

 

Views

237

Replies

2

Sign in to like this content

Total Likes

Translate
Translate
2 Replies

Avatar

Level 2
Level 2
‎04-02-2022 06:06 PST

@kpsolanki_1204 I was facing a similar issue with an integration I worked on.  I tackled this by cloning the OAuth Client and HMAC from one publisher to the other.  That way the registered client and HMAC are the same on both publish servers.  You will not able to use the UI to clone the OAuth client - however if you create the client on one publish server, you can package up that node and install on the other server.  

Views

227

Replies

1

Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
‎10-02-2022 04:27 PST
In response to jarvis_cl_lukow

Packaging the client from one pub and installing on other is not working for me. I have created oauth client using admin user, thus client is a part of the admin user.

e.g. Oauth client path - /home/users/A/ABcV9PhoksC85vshQkij/oauth/a4au9foq0ga5p31fqqd8qnpj9r-9iaesu-4

Admin user path - /home/users/A/ABcV9PhoksC85vshQkij

As the admin user for other pub is stored on a different path, it is not honoring the package installation of oauth client.

Can you let me know how exactly did you clone it & the specific steps on what hierarchy did you package. Or can you point me to some documentation which i could refer for cloning.

Thanks!

Views

201

Replies

0

Sign in to like this content

Total Likes

Translate
Translate