Developing OAuth Scopes

Last update: 2024-01-25
  • Created for:
  • Experienced

Adobe Experience Manager’s extensible OAuth scopes allow for access control for resources from a client application that is authorized by an end user. The diagram below illustrates the request flow in the context of AEM.

Oauth Scopes Flow

AEM provides three scopes:

  • Profile
  • Offline access
  • Replicate

AEM’s extensible OAuth scopes allow other custom scopes to be defined. For example, a custom scope can be developed and deployed to AEM that allows a mobile app authorized via OAuth to be restricted to reading, but not writing assets.

OAuth is the preferred method of authorizing a client application since it uses an access token instead of requiring an AEM user’s credentials to be provided to that application.

On this page