Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JWT (june 3) release #136

Merged
merged 4 commits into from
May 28, 2024
Merged

JWT (june 3) release #136

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
f770aa8
Replacing screenshot for certificate regeneration and adding an inlin…
theManikJindal May 28, 2024
684f7ab
removing references to JWT, also renamed OAuth credentials to be OAut…
theManikJindal May 28, 2024
205a537
missed a few things for user auth credentials
theManikJindal May 28, 2024
b6d6bdf
removing last references to JWT
theManikJindal May 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions gatsby-config.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,16 +80,16 @@ module.exports = {
title: "Services",
pages: [
{
path: "guides/services/services-add-api-jwt.md",
title: "Add API using Service Account (JWT)"
path: "guides/services/services-add-api-oauth-s2s.md",
title: "Add API using OAuth Server-to-Server credential"
},
{
path: "guides/services/services-add-api-key.md",
title: "Add API using API Key"
title: "Add API using API Key credential"
},
{
path: "guides/services/services-add-api-oauth.md",
title: "Add API using Oauth"
title: "Add API using OAuth User authentication credential"
},
{
path: "guides/services/services-add-event.md",
Expand Down
26 changes: 15 additions & 11 deletions src/pages/guides/credentials.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,35 +10,39 @@ To view credentials for events, select the specific event registration from the

## Credential details

You can select a specific API from the left navigation to view its details or you can select a credential type under *Credentials* in the left navigation in order to view the *Credential details* and perform other actions (generate JWT tokens, copy credential details, retrieve client secrets, etc.) as needed.
You can select a specific API from the left navigation to view its details or you can select a credential type under *Credentials* in the left navigation in order to view the *Credential details* and perform other actions (generate access tokens, copy credential details, retrieve client secrets, etc.) as needed.

If multiple services have been added to the project or workspace using the same credentials, they will each be listed under the *Connected products and services* on the right-hand side of the details tab.

For example, selecting **Service Account (JWT)** under *Credentials* will open the *Credential details* for all products and services connected using JWT.
For example, selecting **OAuth Server-to-Server** under *Credentials* will open the *Credential details* for all products and services connected using this credential.

![](../images/credentials-details.png)

## Generate JWT
## Generate Access token

If you selected **Service Account (JWT)** under *Credentials* you will be presented with the *Credential details* for all products and services connected using JWT.
If you selected **OAuth Server-to-Server** under *Credentials* you will be presented with the *Credential details* for all products and services connected using this credential.

You can also select **Generate JWT** in order to view a sample *JWT Payload* or *Generate custom JWT* by copying and pasting your private key into the available field and choosing **Generate Token**.
To generate a token, click on the button "Generate access token"

![](../images/credentials-generate-jwt.png)
![](../../images/services-api-oauth-s2s-generate-token-2.png)

If successful, the *Generated JWT* will be visible as well as a *Sample cURL command*. You can select *Clear generated JWT* in order to clear the screen and generate a new token.
You can also view the cURL command you could use to generate access tokens programmatically.

![](../images/credentials-generated-jwt.png)
![](../../images/services-api-oauth-s2s-view-curl-command.png)

## OAuth
You can also view the scopes per service to generate an access token that only works for a subset of services in your project.

By selecting **OAuth** under *Credentials*, you will be shown all products and services connected to your project using OAuth 2.0 authenication and authorization.
![](../../images/services-api-oauth-s2s-view-scopes.png)

## OAuth User authentication

By selecting an OAuth User authentication credential under *Credentials*, you will be shown all products and services connected to your project using OAuth 2.0 authenication and authorization.

From here, you can view and copy the *Client ID*, retrieve the client secret, and view the *Platform* type as well as the *Redirect URL*.

Within the *Credential details* screen you can also choose to download the OAuth JSON file, edit the credential, or delete the credential using the buttons provided in the top-right corner of the screen.

![](../images/credentials-oauth-web.png)
![](../../images/services-api-oauth-user-auth-credential-overview.png)

## API key

Expand Down
4 changes: 4 additions & 0 deletions src/pages/guides/email-alerts/cert-expiry.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,10 @@ The certificate key pairs generated on the Developer Console expire after a year

Upon receiving the email alert, you need to replace the expiring certificate key pair with a new pair in a timely fashion to ensure all your custom integrations and applications continue to work. See this step-by-step guide on replacing certificate key pairs for more detailed instructions.

<InlineAlert slots="text"/>

Service Account (JWT) credentials have been deprecated in favor of the OAuth Server-to-Server credentials. Your applications using the Service Account (JWT) credentials will stop working after Jan 27, 2025. **You must migrate to the new credential by Jan 27, 2025 in order to ensure your application continues to function. View our [migration guide](../ServerToServerAuthentication/migration.md) to know more.**

## A step-by-step guide to replacing expiring certificate key pairs

### Step 1: Identify application and Project maintainers
Expand Down
10 changes: 7 additions & 3 deletions src/pages/guides/services/index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,14 @@ Access to some APIs is based on licenses. Meaning either the licenses your compa

APIs can be connected to your app in multiple ways, depending on the API or the type of app that you are building. Occasionally APIs will provide multiple connection options, allowing you to choose the type of connection that works best for your application. To learn more about each of these authentication methods or API connections, read the [authentication documentation](../authentication/index.md).

* [Add an API using Service Account (JWT) authentication](services-add-api-jwt.md)
* [Add an API using OAuth authentication](services-add-api-oauth.md)
* [Add an API using OAuth Server-to-Server credential](services-add-api-oauth-s2s.md)
* [Add an API using OAuth User authentication credential](services-add-api-oauth-user-authentication.md)
* [Add an API using API Key authentication](services-add-api-key.md)

<InlineAlert slots="text"/>

See our [authentication guide](../authentication/index.md) to learn about the available credential types.

### Add Event

Adobe I/O Events allow you to receive notifications of real-time events taking place in Adobe services. To add this service to your project you must register a webhook, to which Adobe I/O Events sends HTTP POST requests containing the details of each event. Using Events, you can build event-driven applications that integrate with Adobe. To learn more about Adobe I/O Events, read the [Events documentation](https://www.adobe.com/go/devs_events).
Expand All @@ -52,7 +56,7 @@ Occasionally you may need to remove a service once it has been added to your pro

Once you have successfully added APIs to your project or workspace, you can return to the **Project overview** (or **Workspace overview** in a templated project) at any time to view the details for that API and any other project services you may have added. You can select the specific API from the left navigation to view its details or remove the API using the **Remove API** button in the top-right corner.

You can also select the specific credential type from the left navigation to view the **Credential details** and perform other actions (generate JWT tokens, copy credential details, retrieve client secrets, etc.) as needed. For more information on accessing credentials, please read the [credentials overview](../credentials.md).
You can also select the specific credential type from the left navigation to view the **Credential details** and perform other actions (generate access tokens, copy credential details, retrieve client secrets, etc.) as needed. For more information on accessing credentials, please read the [credentials overview](../credentials.md).

To view credentials for events, select the specific event registration from the left navigation and select the **Credentials** tab. For more information on working with events, including viewing event credentials, follow the guide for [adding Events to your project or workspace](services-add-event.md).

Expand Down
112 changes: 1 addition & 111 deletions src/pages/guides/services/services-add-api-jwt.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,115 +1,5 @@
# Add API to project using Service Account (JWT)

Adding an API to an empty project is the same whether you are working in a personal or enterprise project. Adding an API to a templated project is similar, with one small variation: APIs are added to individual workspaces, not to the project as a whole.

To begin adding an API from within a templated project, first select the appropriate workspace to open the *Workspace overview*. Then, select **+ Add Service** in the left navigation and choose **API** from the dropdown.

In an empty project, select **+Add to Project** in the left navigation of the *Project overview* and then choose **API**, or select **Add API** from the quick start buttons.

![](../../images/services-add-to-project.png)

## Add an API

Using REST APIs allows your application to make calls to Adobe services and products. The *Add an API* dialog shows a list of available services with the default *View by* setting to show only those services available to you.

<InlineAlert slots="text"/>

Many services are only available through paid licenses or subscriptions. Licenses and subscriptions can refer to either your organization or your personal licenses if you are building a personal project. For this reason, if you select "All" from the *View by* dropdown, you may notice that several services appear greyed out in the list. If you believe that you should have access to one of these disabled services, please speak with your system administrator or Adobe sales representative.

![](../../images/services-add-api.png)

Once you have found and chosen an API that you would like to add, select **Next** to begin configuring the API.

![](../../images/services-select-api-jwt.png)

## Configure API

A service account (JWT) integration lets your application call Adobe services on its own behalf, or on the behalf of an enterprise organization. For this type of integration, a JSON Web Token (JWT) must be created that includes your credentials. You will then begin each session by exchanging the JWT for an access token. For more information, please read the [JWT Authentication documentation](../authentication/JWT/index.md).

### Create a new service account (JWT) credential

There are two options for creating the necessary credentials:

1. **Generate a key pair:** Adobe Developer Console generates a public/private key pair for you. This private key is not stored within Console, but it is automatically downloaded to your device.

In order to proceed with generating a key pair, choose Option 1 and then select **Generate keypair**.

2. **Upload your public key:** Create your own public/private key pair through terminal and upload your public key. To learn more, see the documentation on [creating a private key and public certificate](../authentication/JWT/JWTCertificate.md).

To upload your own public key, drag and drop a file from your computer or use *Select a File* to choose the file that you would like to use. Then select **Next** to proceed.

![](../../images/services-api-jwt-create.png)

If you select Option 1 to **Generate a key pair**, immediately upon selecting the **Generate keypair** button, a file is downloaded to your computer containing your private key, as well as all of your app settings.

If you select Option 2, you will be required to drag and drop or select your public certificate from your computer.

<InlineAlert slots="text"/>

Adobe does not record your private key, therefore you must make sure to securely store it. This includes downloaded private key files from Console or files generated elsewhere.

The public key is now visible, including an option to download the key, upload another public key, or generate another key pair.

If the selected API configuration is complete, a **Save configured API** button appears in the bottom right corner of the dialog. Selecting **Save configured API** will complete the configuration for the API. You can now proceed to the [API overview](#api-overview) section later in this guide.

Otherwise, please proceed to the next section on [selecting product profiles](#select-product-profiles).

![](../../images/services-api-jwt-keypair.png)

## Select product profiles

If necessary, you will continue configuring the API by choosing from a list of available product profiles. Your integration's service account will gain access to granular features of the Adobe product based on the product profiles that you select.

As product profiles are selected, they appear in the left navigation under *Product Profiles*. Once you have selected at least one profile, the **Save configured API** button will become available.

Continue selecting all required product profiles and, once complete, select **Save configured API** to complete the configuration.

![](../../images/services-api-jwt-choose-profiles.png)

## API overview

With the API configured, you are redirected to the API overview, providing links to documentation, the ability to download files in order to experiment with the API using Postman, and a dialog allowing you to generate an access token by providing your private key.

You can also elect to remove the API on this screen using the **Remove API** button or, if the API includes product profiles, edit the profiles selected during configuration.

![](../../images/services-api-jwt-added.png)

## Quota usage

Select APIs specify a quota, or fixed allowance, for usage. Often this is tied to trial programs that provide free credentials in order to test out a service. These trials provide a quota that is generous enough to get you up and running. Quota may also be tied to a specific agreement, outlining the amount of quota available and timelines for its use.

For APIs that provide a quota, a *Quota usage* section will appear at the top of the API overview when the API is selected in the left navigation.

For more information on quota usage, please visit the [quota usage overview](../quota.md).

![](../../images/quota-usage.png)

## Generate token

To generate a token, copy and paste your private key into the *Private key* field and select **Generate token**.

![](../../images/services-api-jwt-generate-token.png)

If the private key is correct, an access token will appear along with the ability to **Copy** the token for use.

![](../../images/services-api-jwt-token.png)

## Credentials

Now that you have added an API, you can return to the *Project overview* (or *Workspace overview* in a templated project) at any time to view the details for that API and any other project services you may have added.

You can select the specific API from the left navigation to view its details or remove the API using the **Remove API** button in the top-right corner.

You can also select the specific credential type from under *Credentials* in the left navigation to view the *Credential details* and perform other actions (generate JWT tokens, copy credential details, retrieve client secrets, etc.) as needed. For more information on accessing credentials, please read the [credentials overview](../credentials.md).

## Insights

Adobe Developer Console automatically generates valuable insights related to API usage for each enterprise project (or individual workspace when working in a templated project), as well as for each personal project, including XD Plugins.

To learn more about insights, begin by reading the [insights overview](../insights.md).

## Next steps

With an API successfully added, you can follow the same workflow steps to add additional APIs, or return to the [services overview](../services/index.md) to select another type of service to add to your project.

If you have completed development on your project and are ready to submit your application for approval, please read the [project approval guide](../projects/approval.md) to get started.
Service Account (JWT) credentials have been deprecated in favor of the OAuth Server-to-Server credentials. View our [migration guide](../ServerToServerAuthentication/migration.md) to know more. The new version of this guide that uses OAuth Server-to-Server credentials is now available here - [**Add API to project using OAuth Server-to-Server credentials**](../services/services-add-api-oauth-s2s.md).
Loading
Loading