Dispatcher filters

Last update: 2023-12-04
  • Created for:
  • Intermediate
    Developer

Adobe Experience Manager as a Cloud Service uses AEM Publish Dispatcher filters to ensure only requests that should reach AEM do reach AEM. By default all requests are denied, and patterns for allowed URLs must be explicitly added.

Client type Single-page app (SPA) Web Component/JS Mobile Server-to-server
Requires Dispatcher filters configuration
TIP

The following configurations are examples. Ensure you adjust them to align to the requirements of your project.

Dispatcher filter configuration

The AEM Publish Dispatcher filter configuration defines the URL patterns allowed to reach AEM, and must include the URL prefix for the AEM persisted query endpoint.

Client connects to AEM Author AEM Publish AEM Preview
Requires Dispatcher filters configuration

Add an allow rule with the URL pattern /graphql/execute.json/*, and ensure the file ID (for example /0600, is unique in the example farm file).
This allows HTTP GET request to the persisted query endpoint, such as HTTP GET /graphql/execute.json/wknd-shared/adventures-all through to AEM Publish.

If using Experience Fragments in your AEM Headless experience, do the same for these paths.

  • dispatcher/src/conf.dispatcher.d/filters/filters.any
...
# Allow headless requests for Persisted Query endpoints
/0600 { /type "allow" /method '(POST|OPTIONS)' /url "/graphql/execute.json/*" }
# Allow headless requests for Experience Fragments
/0601 { /type "allow" /method '(GET|OPTIONS)' /url "/content/experience-fragments/*" }
...

Example filters configuration

On this page