Expand my Community achievements bar.

Join us on September 25th for a must-attend webinar featuring Adobe Experience Maker winner Anish Raul. Discover how leading enterprises are adopting AI into their workflows securely, responsibly, and at scale.
SOLVED

Streaming API - with and without authentication

Avatar

Level 10

What is the difference when it comes to workflow with authentication and without?

WIth we needs to generate beforehand token?

Michael_Soprano_0-1751616405645.png

 

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Workflow with authentication is necessary when dealing with sensitive data or when you need to enforce access control. It provides security and ensures that only authorized users can interact with the system.


Without authentication is suitable for public data or services where security is not a concern. It simplifies access but lacks the protections provided by authentication.

 

Authentication related attributes need to be passed with the api request. Pls check the below article.
API authentication

View solution in original post

2 Replies

Avatar

Correct answer by
Community Advisor

Workflow with authentication is necessary when dealing with sensitive data or when you need to enforce access control. It provides security and ensures that only authorized users can interact with the system.


Without authentication is suitable for public data or services where security is not a concern. It simplifies access but lacks the protections provided by authentication.

 

Authentication related attributes need to be passed with the api request. Pls check the below article.
API authentication

Avatar

Level 5

With Authentication (ON):

Requires Adobe IMS access token (JWT or OAuth).
Secure and recommended for production.
Token sent via Authorization header.
Ensures controlled and auditable access.

Without Authentication (OFF):

No token needed; simpler setup.
Suitable for development or testing only.
Not secure — anyone with the endpoint can push data.