Using AEM as a Frontend with a REST API



We are a set of full-stack developers who use Java Spring Boot and MySQL to develop backends with JWT authentication, and VueJS / ReactJS to develop single-page frontends. We have also used Laravel views to develop our frontend applications to work with external APIs.


Recently we have been given a project that requires us to use AEM for the development of a customer portal that allows customers to register with a mobile number and OTP, view and manage their profile, and send service requests to administrators. There also has to be a separate admin portal which allows the administrators to log in and see customer requests and do other administration work.


The system utilizes a lot of third-party APIs from different services and we want to manage everything using a single backend. Following is the architecture we are planning to develop:


[Attached image: HighLevel Stack.jpg]


My questions are,

1. Is this a correct approach when developing with AEM as we are not utilizing many CMS features of it? 

2. Since REST APIs are being used, what methods can we use that also cater for JWT-based authentication? (e.g. how to save the user token, manage state, etc.)


Based on the client policies, we have to use AEM for any frontends and Managed SQL (provided by them) for the database.




Accepted Solutions (1)



One solution can work in your scenario:

1. Use AEM only as a CMS, not for the frontend. From the AEM side, make an API call to get the very little data to be consumed on the server side, and for the rest of the data, provide the required information to the frontend in the form of a window object.

2. Use React to make the API call based on the data provided by AEM to generate the look and feel of the frontend.

A server-side call is expensive.


You can use some middleware like APIGEE to accomplish your API security needs.

Answers (1)




1. See the Single Page Application (SPA) feature set for AEM, here is the React tutorial:


If that is too tightly integrated then see the headless CMS features of AEM:


2. Cookies are usually the simplest way to store a session. However, I didn't read up much on JWT. I would suggest doing research on existing implementations of Sling+JWT.


Some sample code on working with JWT tokens here: