Expand my Community achievements bar.

SOLVED

Jwt vs Oauth : Search Query Builder API

Avatar

Level 1

Since Adobe is deprecating the Service Account (JWT) credentials in favor of the OAuth Server-to-Server credentials for all integrations in all AEM authoring envs, does this also impact code integrations where we have used Adobe Query Builder API - https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/implementing/dev... for programmatically searching through assets in our Adobe Authoring env since currently in order to leverage this API integration , we have bene using JWT credentials but does those creds also stop working in Jan 2025 and we would need to switch to oauth ?

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

In other words, if you are using the JWT authentication method enabled through the Adobe Console, you must switch to OAuth. You should review how your API is set up to confirm whether you are using JWT, and if so, whether it's through the Adobe Console. If it was enabled through the Adobe Console, then you need to change it.

 

EstebanBustamante_0-1731337249095.png

 

https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/security/jwt-cre...



Esteban Bustamante

View solution in original post

3 Replies

Avatar

Community Advisor

Hi,

 

The QueryBuilder API does not use an authentication method to function. Instead, it uses a Session/ResourceResolver associated with an AEM User account (system user). The deprecation is explained here: https://developer.adobe.com/developer-console/docs/guides/authentication/ServerToServerAuthenticatio...; it applies to authentication methods where third-party systems, including other Adobe systems access AEM. So if you are accessing AEM information from a different system via JWT then yes, you would need to migrate that authentication method at some point, in this document you can find more details about how to migrate this: https://developer.adobe.com/developer-console/docs/guides/authentication/ServerToServerAuthenticatio... 

 

Hope this helps



Esteban Bustamante

Avatar

Level 1

Agree with you that we need to get rid of JWT credentials when external system is trying to connect to AEM. In my case, the external system is a custom API that is leveraging Adobe's Query builder http api and currently the api supports JWT based token as part of the request. How can we switch over to use oauth based creds ? 

the link you shared for migration is for integrated systems (such as Brand Portal, etc) and not API authentication. Even Query Builder API is not available as one of the integration on the link you shared.

Avatar

Correct answer by
Community Advisor

In other words, if you are using the JWT authentication method enabled through the Adobe Console, you must switch to OAuth. You should review how your API is set up to confirm whether you are using JWT, and if so, whether it's through the Adobe Console. If it was enabled through the Adobe Console, then you need to change it.

 

EstebanBustamante_0-1731337249095.png

 

https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/security/jwt-cre...



Esteban Bustamante