Expand my Community achievements bar.

Adobe Summit 2025: AEM Session Recordings Are Live! Missed a session or want to revisit your favorites? Watch the latest recordings now.
Watch Now!

Need best authentication model to access content

Avatar

Level 1
Level 1
4/20/25 4:24:19 AM

Attached is the sample data that we need to expose to internet. We need to include all our assets in the json file. (.json is file not attachable in this. so I put it in .pdf)

 

Initially we had a scheduler in author which will scan all the assets and put it in /content/dam/assets.json and publish the asset.json.

Later the thridparty system can access by https://www.mydomain.com/content/dam/assets.json.

 

Now we have a requirement that we need to include the private assets(we maintain a field in asset metadata) also in the asset.json.

In this case we cannot show the private asset path in the assets.json.

 

We are looking for some authentication model so that the thirdparty system will be authenticated and access the /content/dam/assets.json.

 

Note:

1) we can change the path of  /content/dam/assets.json 

2) we can do the the authentication either in author or publish.

 

we need a solution for this.

 

 

 

Views

242

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
2 Replies

Avatar

Community Advisor and Adobe Champion
Community Advisor and Adobe Champion
4/21/25 6:15:42 AM

Hey,

 

The right solution depends on your security setup. The easiest option is to go with Basic Authentication—just include a username and password in the request and protect your endpoint with those.

A better and more secure approach is using Service Credentials, but this only works if you're on AEM as a Cloud Service (AEMaaCS). You can check it out here: https://experienceleague.adobe.com/en/docs/experience-manager-learn/getting-started-with-aem-headle...

 

If you want to go all-in on security, you can enable OAuth 2.0 and use access tokens. It’s more complex to set up, but definitely more secure. Here’s a guide: https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce...

 

For your use case, I think Service Credentials should work just fine.

 

Hope this helps.

 


Esteban Bustamante

Views

192

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
4/26/25 2:07:56 AM
In response to EstebanBustamante
Thanks Esteban Bustamante for you reply. unfortunately ours is not AEMasCS. Still we use OnPrem version managed by AMS.

I can go with Oauth2.0 in author, but new serviceaccount is created under useradmin everytime we generate token. is there a way to control creating new useraccount?

Views

131

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
How to quickly set up dispatcher locally for AEM AMS using AEM Cloud SDK?

Views

20

Likes

0

Replies

1
ACL Permissions to be added or modified

Views

34

Likes

0

Replies

2
Retrieve AEM JMX console metrics programmatically and ship to CloudWatch service

Views

35

Likes

0

Replies

0
Extend WCM Core Teaser component - Customize Authoring Dialog to Add New Fields

Views

80

Likes

0

Replies

3
AEM assets : how to identify asset expiry date: isAssetExpired boolean from where this can resolved

Views

90

Likes

0

Replies

3