Adobe credentials for standalone actions execution | Community
Skip to main content
Urs_Boller
Community Advisor
Urs_BollerCommunity Advisor
Community Advisor
August 25, 2020
Solved

Adobe credentials for standalone actions execution

  • August 25, 2020
  • 1 reply
  • 1931 views

We successfully implemented a Firefly App that fetches data from an external API and writes data into Adobe Analytics (using the old API 1.4). This works perfekt since the action can use the UI-User credentials (read from params) like this:

const resHeaders = { "authorization": params.__ow_headers["authorization"], "x-api-key": params.__ow_headers["x-api-key"], "w-gw-ims-org-id": params.__ow_headers["w-gw-ims-org-id"], "x-api-key": params.__ow_headers["x-api-key"] }

 but where does the action gets the credentials if there is no UI providing the params? what "user/key" does it have to execute requests against Analytics API? or can I somewhere add credentials to manually set the desired values?
Thanks a lot for the support!

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by duynguyen_adobe

Hi @urs_boller , first of all it would be good to identify whether your app is an SPA or headless, as described in the Security Overview . I assume you have the `require-adobe-auth` flag set to true for your actions.

If it is an SPA, the user token must be passed from the Adobe Experience Cloud (ExC) Shell, specific to the user session you are logged in.

If it is a headless app, you need to pass a service token which is obtained with the JWT auth flow.

You could also use a user token in a headless app to call the backend services, as long as it has valid authorization and scopes. However, you can not use a service token to call backend services of an SPA, because the session has to be tied to a specific user.

Please let me know if something needs further clarification.

1 reply

D
Adobe Employee
duynguyen_adobeAdobe EmployeeAccepted solution
Adobe Employee
August 25, 2020

Hi @urs_boller , first of all it would be good to identify whether your app is an SPA or headless, as described in the Security Overview . I assume you have the `require-adobe-auth` flag set to true for your actions.

If it is an SPA, the user token must be passed from the Adobe Experience Cloud (ExC) Shell, specific to the user session you are logged in.

If it is a headless app, you need to pass a service token which is obtained with the JWT auth flow.

You could also use a user token in a headless app to call the backend services, as long as it has valid authorization and scopes. However, you can not use a service token to call backend services of an SPA, because the session has to be tied to a specific user.

Please let me know if something needs further clarification.

Urs_Boller
Community Advisor
Urs_BollerCommunity AdvisorAuthor
Community Advisor
August 25, 2020
Hi @duynguyen_adobe thanks for explanation. Yes, we are fully aware that using a webservice makes to action possible to run for everybody (but in this case this is ok). We are just looking for a way to have an action both accessible in the UI as well as running with the alarm package. so we will try to use a service account within the action whenever it runs. the action will only do something if it has not run already or if there has been an error in the last run. so just in case the action has run successfully and a user triggers the action in the UI (which might only be possible for admins), it would do nothing at all 🙂
Terms & ConditionsAccessibility statement

Loading footer...