SOLVED
OAuth scope not providing access to resource
Hi everyone,
I am trying to set up OAuth in AEM so that a third party app can access resources in /content/dam.
I've I have followed various guides, mainly this one: https://www.albinsblog.com/2017/07/exposing-resources-through-oauth-aem.html however as I'm using AEM 6.4.5 there is no "Adobe Granite OAuth Resource Server" to set the scope. Instead I've followed this ACS implementation to create an implementation of Scope and give read privileges to /content/dam: acs-aem-samples/SampleScopeWithPrivileges.java at master · Adobe-Consulting-Services/acs-aem-samples...
Here are my changes to the ACS example above:
public static final String BASE_PATH = "/content/dam";
/**
* Allow jcr:read (read-only) privileges
**/
private static final String[] privileges = {
"jcr:read"
};
I am able to get an access token through the OAuth flow, however when I then try to hit the Sling API using curl and passing the token, I can't see the resource:
However if i just use basic auth, I'm getting the content returned:
I'm using the admin user to authenticate the token, so I'm assuming this must be a scope issue. Does anyone have any suggestions on what could be wrong with the scope?
1 Accepted Solution
