Restrict Developer Console OAuth API Credentials to enable only AEMaaCS Prod instance Environment variables | Community
Skip to main content
B
BhargavTh
Level 2
June 26, 2023
Solved

Restrict Developer Console OAuth API Credentials to enable only AEMaaCS Prod instance Environment variables

  • June 26, 2023
  • 1 reply
  • 913 views

Hi,

 

I'm using AIO Java SDK which uses OAuth Credentials and setting Environment variables.

 

Its working for Non prod and Prod.

 

But how to restrict the OAuth API Credentials to work only for Prod.?

 

 

 

Thanks,

Bhargav

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by BhargavTh

Correct Answer:

Open the AEM Cloud Service Developer Console by accessing the URL provided by your AEM Cloud Service environment.

  1. Log in to the Developer Console using your Adobe ID credentials.

  2. Once logged in, navigate to the "API Credentials" section or a similar section that allows you to manage API credentials.

  3. In the API Credentials section, you should see a list of existing credentials or an option to create new credentials. Locate the credentials for which you want to assign a non-prod environment profile.

  4. Edit the specific credentials you want to assign a non-prod environment profile to.

  5. Look for an option or field that allows you to specify the environment profile for the credentials. It might be labeled as "Environment Profile" or similar.

  6. Select the non-prod environment profile from the available options. The exact names and options will depend on your AEM Cloud Service configuration.

  7. Save or update the credentials to apply the changes.

By assigning the non-prod environment profile to the API credentials, you are specifying that these credentials are intended for non-production environments, such as development or testing environments. This can help differentiate and manage credentials specifically for non-prod environments within the AEM Cloud Service Developer Console.

1 reply

aanchal-sikka
Community Advisor
aanchal-sikkaCommunity Advisor
Community Advisor
June 26, 2023

hello @bhargavth 

 

In what context are you using the OAuth credentials from https://developer.adobe.com/console in AEM?

Aanchal Sikka
    B
    BhargavThAuthor
    Level 2
    June 26, 2023

    @aanchal-sikka 

    I have created a custom Maven plugin (Ex: as in https://www.baeldung.com/maven-plugin) and i'm using aio-lib-java-cloudmanager (  https://github.com/adobe/aio-lib-java-cloudmanager/tree/main ) maven dependency in POM and used the OAuth credentials created in developer console in this SDK .

    In Bamboo i'm using Maven task and configured this maven plugin. I'm reading client id, client secret from Bamboo variables.. Able to set environment variables,  run pipelines from Bamboo.The same OAuth credentials are working for Non Prod and Prod. 

     

    I want to create a seperate Bamboo job for Non prod and Prod. So that i can have restrictive access to Prod. But the same OAuth credentials are able to set environment variables for Prod, Non Prod as well.

     

    I don't see any way in Developer Console to control access to these OAuth credentials to work only for Non Prod and work only for Prod like that.

      aanchal-sikka
      Community Advisor
      aanchal-sikkaCommunity Advisor
      Community Advisor
      June 26, 2023

      @bhargavth 

       

      I guess you would have Cloud Manager API bound to this credential, like below:

       

       

      Can you try removing the "Business Owner - Cloud Service" from the Product profile and see if you can still access PROD?

       

       

      Aanchal Sikka
        Terms & ConditionsAccessibility statement

        Loading footer...