Documentation

How to obtain access tokens using AEM-CS API client code sample

Last update: Tue Oct 14 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

Learn how to obtain an access token for AEM as a Cloud Service using the AEM-CS API client code sample, enabling external applications to perform operations on AEM Author or Publish via HTTP.

Description description

Environment

Adobe Experience Manager as a Cloud Service (AEMaaCS)

Issue/Symptom(s)

In AEM as a Cloud Service, you need an access token for external applications, systems, and services to perform operations on AEM Author or Publish via HTTP.

You can obtain the access token by generating a JSON Web Token (JWT) from service credentials and exchanging it.

The AEM-CS API client code sample helps simplify this process. This article explains how to obtain an access token using the AEM-CS API client code sample.

Resolution resolution

Obtain the AEM-CS API client code sample from the GitHub repository (https://github.com/adobe/aemcs-api-client-lib).

Download service credentials from the Developer Console of AEM as a Cloud Service.

Execute the AEM-CS API client code sample with the service credentials to receive an access token.

Steps to Reproduce

Step 1. Setup

Step 1-1. Open the AEM Developer Console for the target AEM environment in Cloud Manager

Step 1-2. Download the service credentials as a JSON file from Integrations > Technical Accounts > Create a new technical account

Example of service credentials:

{
        "ok": true,
        "integration": {
            "imsEndpoint": "ims-na1.adobelogin.com",
            "metascopes": "ent_aem_cloud_api",
            "technicalAccount": {
            "clientId": "cm-p12345-e6789-integration",
            "clientSecret": "123...789"
            },
            "email": "ABC...@techacct.adobe.com",
            "id": "DEF...@techacct.adobe.com",
            "org": "GHI...@AdobeOrg",
            "privateKey": "-----BEGIN RSA PRIVATE KEY-----\r\n...\r\n-----END RSA PRIVATE KEY-----\r\n",
            "publicKey": "-----BEGIN CERTIFICATE-----\r\n...\r\n-----END CERTIFICATE-----\r\n"
        },
        "statusCode": 200
        }

Step 1-3. Save the downloaded JSON file e.g. downloaded_integration.json on a server where Node.js is installed

Step 1-4. Download the AEM-CS API client code sample on the server

$ git clone https://github.com/adobe/aemcs-api-client-lib.git

Step 2. Run the Tool

Step 2-1. Execute the AEM-CS API client code sample

$ cd aemcs-api-client-lib

   $ node cli.js exchange <path-to>/downloaded_integration.json

Example response:

>> post /ims/exchange/jwt

<< post /ims/exchange/jwt 200

{
   "token_type": "bearer",
   "access_token": "eyJ4...F4MAA",
   "expires_in": 86399999
   }

Step 2-2. Extract the value of access_token from the standard output and use it for access operations in AEM as a Cloud Service

Example access:

$ curl -H "Authorization: Bearer eyJ4...F4MAA" "https://author-p12345-e6789.adobeaemcloud.com/content/wknd/us/en.json"
   {"jcr:created":"Wed Feb 22 2023 04:07:45 GMT+0000","jcr:createdBy":"admin","jcr:primaryType":"cq:Page"}
recommendation-more-help
3d58f420-19b5-47a0-a122-5c9dab55ec7f