Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.

OAuth Server-to-Server credential Integration with aio

Avatar

Level 2

Hi,

 

With Service Account (JWT) credential, by following below commands we are able to configure credential and private key.

 

aio config:set jwt-auth PATH_TO_CONFIG_JSON_FILE --file --json

aio config:set jwt-auth.jwt_private_key PATH_TO_PRIVATE_KEY_FILE --file

 

But as per new update from adobe this feature is deprecated and we need to go with  OAuth Server-to-Server credential. How can I configure oauth with aio ?

12 Replies

Avatar

Community Advisor

Hello @sanith 

 

OAuth is not currently supported for AEM. Please raise a support ticket to confirm the same.


Aanchal Sikka

Avatar

Level 2

Thanks for the update.

In my case, I need to trigger the Cloud Manager build pipeline and fetch the build logs using aio command. To achieve this in a fully automated environment, I want to configure the authentication details. Previously, it was possible to use JWT for authentication, which allowed skipping the browser-based authentication process that 'aio login' requires.

Avatar

Level 2

Hello @sanith ,

 

Thanks for posting this question. I am trying to implement the same in my project. We are using Jenkins to push the code from local to Adobe cloud manager using aio-cli. Can we use oauth server to server credentials for the same?

Thanks!

Avatar

Level 2

No luck at all. I checked with our Adobe CSE as well so waiting for the update

Avatar

Level 1

I am going to go the JWT route for now. I know it will disable jan. 1st, 2025. 

 

I can only assume oauth will have to work before JWT can be disabled.

 

i will make a ticket as well and we can compare notes here

Avatar

Level 3

@gmalagondla @sanith I'm in the same boat. Please let me know if you receive any update from them ?

My JWT token were nearing expiry and we decided to migrate to OAuth instead of refreshing the token.

 

Looks like we can't go back to using JWT tokens once the migration has happened

 

Affecting our build automation which pushes code to cloudmanager and tailing logs.

Avatar

Level 5

Hi!

Any news about oauth authentication with AIO CLI?

Avatar

Level 2

So just so I understand this correctly. 

 

You have deprecated JWT, and in every piece of documentation I can find, is in big letters "Do not use. Deprecated". 

WadeGa_0-1701139102347.png

 

 

And yet you have provided absolutely no alternative to use OAuth for Server to Server authentication in the AIO CLI? 

 

And to add insult to injury, as others have pointed out. Adobe's Cloud Manager product is so limited that for anything beyond deploying a 5 page website, you *have* to integrate with an external pipeline product (Jenkins, TeamCity, Azure Devops, etc). And the only realistic way to do that is to use Adobe IO CLI. And this has been confirmed as such from Adobe's own support. And yet you provide absolutely no way to achieve this other than trying to convince my operations team that it's totally OK to use a deprecated service? 

Avatar

Level 2

@subsul1 @Julio_Baixauli @WadeGa @sanith @mpep ,

 

I am on the same boat. 

We are also using service account to pull adobe cloud logs into our linux server. I have migrated the service account o oauth server to server account. however it is not working. In oauth account private key option is not there. 

Do you guys got any fix for this issue. 

 

Thanks,

Avatar

Employee

Hello all,

 

I think the Cloudmanger team is aware of the JWT deprecation and i guess is actively working on implementing Oauth into AIO console for such automations.

There were several request coming in though the support portal throughout the last 6 months.


I was just informed that the implementation of Oauth is complete and ready to use. 
See: https://github.com/adobe/aio-cli-plugin-cloudmanager?tab=readme-ov-file#setup-for-oauth-integration