Expand my Community achievements bar.

SOLVED

Minimum configuration required to allow my GET api to be called from 3rd party application

Avatar

Level 8
Level 8
3/21/24 12:35:00 AM

Hello Everyone,

 

I have created Assets HTTP API. its GET method only. Now, 3rd party spring boot application(for the same client, handled by known team) wants to access this GET api.  Now, what is the minimum configuration I need to do in my  AEM application? Note: 3rd party application calls the get method from their backend logic (in this case, its from Java)

 

I hope CORS setting is not required for this? So, I need to modify only under: Apache Sling Referrer Filter configuration?

 

cc @aanchal-sikka  @arunpatidar @Imran__Khan  @BrianKasingli  @TarunKumar 

 

 

Views

385

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
3/21/24 2:55:58 AM

To allow the third-party Spring Boot application to access your AEM Assets HTTP API, you need to configure the necessary CORS (Cross-Origin Resource Sharing) settings in your AEM application. CORS enables web servers to specify which origins (domains) have permission to access its resources. Here's what you need to do:

  1. Configure CORS in AEM:

    • Open the AEM Web Console Configuration Manager (http://localhost:4502/system/console/configMgr).
    • Search for the "Adobe Granite Cross-Origin Resource Sharing Policy" configuration.
    • Enable the configuration and add the origin domain of the third-party Spring Boot application to the "Allowed Origins" field.
    • Optionally, you may also need to configure other CORS-related settings such as allowed headers and methods based on the requirements of the third-party application.

  2. Ensure the Assets HTTP API is accessible:

    • Make sure your Assets HTTP API endpoint is publicly accessible and does not require authentication or special permissions to access. This is necessary for the third-party application to make requests to the API.
    • Test the API endpoint directly using tools like cURL or Postman to ensure it returns the expected results.
  3. Adjust check dispatcher filter and cache setting as well for get APIs


Arun Patidar

View solution in original post

Views

365

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Correct answer by
Community Advisor
Community Advisor
3/21/24 2:55:58 AM

To allow the third-party Spring Boot application to access your AEM Assets HTTP API, you need to configure the necessary CORS (Cross-Origin Resource Sharing) settings in your AEM application. CORS enables web servers to specify which origins (domains) have permission to access its resources. Here's what you need to do:

  1. Configure CORS in AEM:

    • Open the AEM Web Console Configuration Manager (http://localhost:4502/system/console/configMgr).
    • Search for the "Adobe Granite Cross-Origin Resource Sharing Policy" configuration.
    • Enable the configuration and add the origin domain of the third-party Spring Boot application to the "Allowed Origins" field.
    • Optionally, you may also need to configure other CORS-related settings such as allowed headers and methods based on the requirements of the third-party application.

  2. Ensure the Assets HTTP API is accessible:

    • Make sure your Assets HTTP API endpoint is publicly accessible and does not require authentication or special permissions to access. This is necessary for the third-party application to make requests to the API.
    • Test the API endpoint directly using tools like cURL or Postman to ensure it returns the expected results.
  3. Adjust check dispatcher filter and cache setting as well for get APIs


Arun Patidar

Views

366

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 8
Level 8
3/21/24 3:02:43 AM
In response to arunpatidar

Thanks @arunpatidar   for the clarification.

 

What is the role of Apache Sling Referrer Filter? In this configuration, settings are not required? In what scenario, I need to configure/use the Referrer Filter?


I heard Adobe Granite Cross-Origin Resource Sharing Policy configuration was introduced from AEM 6.3? Correct me if I am wrong. 

 

Views

354

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
3/21/24 3:51:18 AM
In response to Mahesh_Gunaje

Hi @Mahesh_Gunaje 
When you have modification requests like POST, PUT etc calls, in that case you need to apply Apache Sling Referrer Filter changes 

Yes CORS changes you need to do



Arun Patidar

Views

335

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Passing parameters to Sling Model methods Solved

Views

107

Likes

0

Replies

2
The dynamic table previews correctly in HTML, but when converted to PDF, the page is cut off.

Views

37

Likes

0

Replies

0
How to Render the different version of Header for Specific Pages Using Experience Fragments in AEM?

Views

82

Likes

0

Replies

2
TemplatedResource binding to Resource

Views

126

Likes

0

Replies

7
Sitecore to AEM cloud migration reference implementation

Views

68

Likes

0

Replies

1