Expand my Community achievements bar.

Enhance your AEM Assets & Boost Your Development: [AEM Gems | June 19, 2024] Improving the Developer Experience with New APIs and Events
Learn More
SOLVED

how we can secure our Assets REST API?

Avatar

Level 4
Level 4
10/7/22 1:23:59 PM

I am working on AEM and SPA, here I want to use Assets REST API but want to know how I can secure our Assets REST API.

 

how we can configure OAuth with Assets REST API?

 

If there is any suggestion/example it will really helpful.

Views

529

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 2
Level 2
10/12/22 2:52:29 AM

Hi @Abhishekty : To take the advantage of the Oauth authentication mechanism, depending upon the use case, some custom development might be required.


Please refer the below article on How to Manage the Protected AEM Resources through OAuth 2.0
https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce4...

View solution in original post

Views

513

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Level 2
Level 2
10/12/22 2:52:29 AM

Hi @Abhishekty : To take the advantage of the Oauth authentication mechanism, depending upon the use case, some custom development might be required.


Please refer the below article on How to Manage the Protected AEM Resources through OAuth 2.0
https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce4...

Views

514

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Employee Advisor
Employee Advisor
10/12/22 6:55:24 AM

@Abhishekty For reading yes it would be a good way to proceed with Oauth.

AEM provides three scopes:

  • Profile
  • Offline access
  • Replicate

AEM’s extensible OAuth scopes allow other custom scopes to be defined. For example, a custom scope can be developed and deployed to AEM.

 

have a look at the below samples:

 

https://experienceleague.adobe.com/docs/experience-manager-gems-events/assets/oauth-server-functiona...

 

https://github.com/Adobe-Consulting-Services/acs-aem-samples/tree/legacy/bundle/src/main/java/com/ad...

Views

503

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
AEM graphql API: 'Access-Control-Allow-Origin' header is not present on the graphql API Solved

Views

620

Likes

0

Replies

2
Unable to initialize model manager api with remote spa app with newly created typescript react app Solved

Views

531

Likes

0

Replies

1
How to get a Json for a page model which I am calling through customheaderlibs.html Solved

Views

508

Likes

0

Replies

1
how the js and css files are mapped to a component from ui.frontend? Solved

Views

708

Likes

0

Replies

5
how to achieve SSR rendering when using NextJS? Solved

Views

401

Likes

0

Replies

1