How to set up Adobe IO: Authentication - Step by Step



How to generate an Adobe IO bearer token to run API calls for digital marketing solutions like Target.


Steps to Create Bearer Token to Run Adobe IO API calls:

  1. Generate private key and public certificate
  2. Create integration within the Adobe IO console
  3. Generate JWT token
  4. Exchange JWT token for an Access Bearer token
  5. User Access Bearer token to run API calls
  • Generate private key and public certificate per the following documentation:
    On a Mac, the following commands are built in terminal.

    On a computer, you have to download Cygwin (or other tool of personal preference) and run it from command line. Here are the steps to download and install Cygwin:

    1. Browse to
    2. Download and run setup-x86_64.exe

    *Note:  Your home directory  is: C:\cygwin64\home\WINDOWSUSER

    You can search for and install additional packages during the install phase. I recommend installing everything related to “curl” and “ssh.”*
    Here is the command to run:

    $ openssl req -nodes -text -x509 -newkey rsa:2048 -keyout secret.pem -out certificate.pem -days 356

    Note:  It asks you several questions that you have to fill out to generate the certificate; see screenshot below:rtaImage

      After the files have been created, you convert the secret.key to secret.pem using the following command:

    $ openssl pkcs8 -topk8 -inform PEM -outform DER -``in secret.pem  -nocrypt secret.key

  Here are the files that are created on your file system (you may move these files to another location on your machine at this point for organization):
rtaimage_1_ Note:
The files are generated in your home directory: C:\cygwin64\home\WINDOWSUSER

  • Create integration within the Adobe IO console:


- Select "Access an API" option, then click "continue."


- Select Adobe Solution (currently only available for Target).

<b>Note:</b> User must be a user of the Experience Cloud AND have access to that solution.


- Select "New integration" and click "Continue."


- Fill out integration form.


- Drag "certificate.pem" from file system into form to upload.
- Once the file is uploaded, click "Create integration" button - see screenshot: fileuploaded_createint.
- When processing is complete, click "continue to integration details."


Success! You have now created an integration.

  • Generate JSON Web Token (JWT):

    In the Integration UI, click the JWT tab, paste in private key, click Generate JWT button - see screenshot: generating JWT - input.

    • Once it is generated, you see the JWT and a sample CURL command.
    • Click “copy” icon below “Generated JWT.”
  • Exchange JWT for Bearer Access Token:
    Note: If you run this on a Mac terminal, the response seems to get truncated. Instead, use Postman.

    • Download and install free API tool named “Postman” (available on Mac, Windows, or Linux):
    • Import this API call into Postman by copying the code below into a text file on your computer with a .json extension:


| `{``"id"``:``"f6854718-2800-64a8-238e-e785e344f6cf"``,``"name"``:``"Exchange JWT for Bearer token"``,``"description"``:``""``,``"order"``:``"048b6fc7-f1db-5028-ff21-45778613e2c5"``,``"folders"``:,``"folders_order"``:,``"timestamp"``:1516812553075,``"owner"``:``"860614"``,``"public"``:``false``,``"events"``:,``"variables"``:,``"auth"``:null,``"requests"``:{``"id"``:``"048b6fc7-f1db-5028-ff21-45778613e2c5"``,``"name"``:``"Exchange JWT for Bearer token"``,``"collectionId"``:``"f6854718-2800-64a8-238e-e785e344f6cf"``,``"method"``:``"POST"``,``"description"``:``"JWT exchange flow"``,``"headers"``:``""``,``"dataMode"``:``"params"``,``"data"``:{``"key"``:``"client_id"``,``"value"``:``"0fa5e762277c414f903649dd51424ac6"``,``"type"``:``"text"``},{``"key"``:``"client_secret"``,``"value"``:``"9ff026f2-dfa4-4228-8dfa-11d809d4706b"``,``"type"``:``"text"``},{``"key"``:``"jwt_token"``,``"value"``:``"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0ODg4ODMzMzIsImlzcyI6IjY1NzhBNTU0NTZFODRFMjQ3RjAwMDEwMUBBZG9iZU9yZyIsInN1YiI6IjlDQjEyOTlENThCM0VDNkYwQTQ5NUM3RkB0ZWNoYWNjdC5hZG9iZS5jb20iLCJhdWQiOiJodHRwczovL2ltcy1uYTEuYWRvYmVsb2dpbi5jb20vYy8wZmE1ZTc2MjI3N2M0MTRmOTAzNjQ5ZGQ1MTQyNGFjNiIsImh0dHBzOi8vaW1zLW5hMS5hZG9iZWxvZ2luLmNvbS9zL2VudF9zbWFydGNvbnRlbnRfc2RrIjp0cnVlfQ.LwiDDjhwUfZ2ap89vfWd2ZVnfG-FwpQplKvzEecTLua_hvGNfQAZBPTHbVaXICPkeNjr41cRUr_OmNuOmtFOwVokUjd5rQCaGOqBNWWKPAyAAdXhBdE05oFa2Gar6adytKv-vf7gAnVQbv-PUADbCCtmxoOygbafXi9V3ZHz1FBwPJ8vpnZH4Il3zVf420XwnzLa9IB02nUciG_fQ0b1Qgj429Yi7m-lhW--2bMZKyNdSnioNaICFg6ASY1vnNm1zICPla224K_Lwzbrye8itgQStRUp1mH53Ww36xzqVxNIYLQCEoI9qxAJlR0HQhaXeSPrU9PmcExIyKBim2CZzg"``,``"type"``:``"text"``},``"rawModeData"``:``""``,``"url"``:``"https:\/\/\/ims\/exchange\/jwt\/"``,``"responses"``:,``"pathVariableData"``:,``"queryParams"``:,``"headerData"``:,``"auth"``:null,``"collection_id"``:``"08283cc0-461e-155c-e07f-ca64bae1dcae"``,``"isFromCollection"``:``true``,``"collectionRequestId"``:``"29f7fc5f-7e6d-01d4-de86-2f273b8a6429"``,``"currentHelper"``:null,``"helperAttributes"``:null}}` |
| --- |

Example filename: exchangeJwt.json
- Import file into Postman by going to file  Import: you can drag-and-drop the .json file here or browse for the file.
- This creates a "collection" in Postman on the left side, with one API call in it named "Exchange JWT for Bearer token."
- Click the API call "Exchange JWT for Bearer token."
- In the main section of the UI, this is what you see:

<img src="" alt="rtaimage_16_" title="rtaimage_16_">

  Note: as highlighted in red above, I’m in the “Body” tab. If you are in another tab, you do not see the three pieces of information that are required.

Info Needed:

<b>client_id</b>: get from Integration overview page

<b>client_secret</b>: generate on Integration overview page

<b>jwt_token</b>: paste in generated JWT token that you copied in previous step

Click "Send."

The bearer token is retrieved, which is used to make API calls.
<img src="" alt="rtaimage_17_" title="rtaimage_17_">

  The access_token is what is used as part of the API calls you intend to run.


| `"access_token"``: ``"eyJ4NXUiOiJpbXNfbmExLWtleS0xLmNlciIsImFsZyI6IlJTMjU2In0.eyJpZCI6IjE1MTY3NDgxNjU5MzZfMjdiNTkwYmUtYjVlYy00ZjhiLTkzNWEtZTAyMjZmYTZiYTk1X3VlMSIsImNsaWVudF9pZCI6IjQyOTkxMzRlNzRkNTRkNTZhY2YyYTc4YjcyYTdlNDFlIiwidXNlcl9pZCI6IjkwNTEyQTlDNUE2N0I3ODEwQTQ5NUM5NEB0ZWNoYWNjdC5hZG9iZS5jb20iLCJ0eXBlIjoiYWNjZXNzX3Rva2VuIiwiYXMiOiJpbXMtbmExIiwiZmciOiJTRDRZQUNZSEhQSDdPRkFBQUFBQUFBQUFFST09PT09PSIsIm1vaSI6IjM3NTliZjQxIiwiYyI6IndTVTd3b1hIZkZSQk5xQmo3M2Z4anc9PSIsImV4cGlyZXNfaW4iOiI4NjQwMDAwMCIsInNjb3BlIjoib3BlbmlkLEFkb2JlSUQsdGFyZ2V0X3NkayxyZWFkX29yZ2FuaXphdGlvbnMsYWRkaXRpb25hbF9pbmZvLnByb2plY3RlZFByb2R1Y3RDb250ZXh0IiwiY3JlYXRlZF9hdCI6IjE1MTY3NDgxNjU5MzYifQ.fVJVREKZH3PM71-Y05Kkqqxq_O_z7BL5NL6S4ypNoSwLuqR9WOiXsF0GYcWZr6oO-jgYj8WrRePQLkg4GSoVthSbbXU6aqajPV2TsFNHpXRuJFBhql0e2eVCEE_pVI9O_uCa8RloGjJuFyyEAvroQFEIJzC7Q-OAnkXMT7xD-3r1cEV2xP_N3s86t34M5udO4fjas3RCJtAS1BEZOotlF_rB0kfvCZR9Krf-SVi_VedpsK7ipoJGfs7CLdN-_a4YGTC2CBJXwdK-4T0QJRkWedr8ooS0tzzfVcQ4WEZfw1edi-OYSuIbXf-Obl5R9NCzi5RMceiGTyGMyRrEcmy3WQ"` |
| --- |
  • Example API call:

    • Target
    • Run Target call with access token

On this page