DocumentationAEM as a Cloud ServiceUser Guide

OpenAPI-Based APIs openapi-based-apis

Last update: Thu May 15 2025 00:00:00 GMT+0000 (Coordinated Universal Time)
  • Applies to:
  • Experience Manager as a Cloud Service

CREATED FOR:

  • Admin
  • Developer

Newer AEM as a Cloud Service APIs follow the OpenAPI specification, and thus offer a consistent and well-documented set of APIs.

NOTE
An end-to-end tutorial is a recommended resource to learn how to configure and invoke the OpenAPI-based AEM APIs.

For endpoints that require authentication, the authentication approach differs based on the endpoint, but may use OAuth Server-to-Server, OAuth Web App, or OAuth Single Page App (SPA). Credentials are configured through projects in Adobe Developer Console.

Common API use cases involve integrations with systems such as a CRM or PIM, where AEM APIs are invoked to retrieve or persist data. As part of the integration implementation, applications may subscribe to AEM-emitted events, which can trigger business logic in Adobe App Builder or other infrastructure.

This document serves as an overview, but more in-depth documentation is available in the following pages:

Configuring API Access configuring-api-access

Some OpenAPI-based AEM APIs need authentication, which requires credentials to be generated using Adobe Developer Console. Configuration involves the following steps:

  1. Modernization of the AEM as a Cloud Service environment.
  2. Enable access to the AEM APIs using Product Profiles. Product Profiles are associated with the Services that represent AEM user groups with predefined Access Control Lists (ACLs). While some services are associated with specific product profiles by default, others need to be explicitly associated; for example, the AEM Assets API Users Service is not associated with any Product Profile, so you must enable it to use AEM Assets API. For more information, see Enable AEM APIs access tutorial step.
  3. To add Server-to-Server authentication, the user setting up integration must be the organization’s system administrator in the Adobe Admin Console or added as a Developer to the Product Profile where the Service is associated. For more information, see Enable AEM APIs access tutorial step.
  4. Create an Adobe Developer Console (ADC) Project.
  5. Configure the ADC Project. This generates credentials that will be used later to exchange for a bearer token when invoking the API.
  6. Configure the AEM instance to enable ADC Project communication. This involves registering the client ID with the environment by configuring and deploying a YAML file, as described in the Registering a Client ID section below.

For detailed step-by-step instructions, see the Set up OpenAPI-based APIs tutorial.

Registering a Client ID registering-a-client-id

Client IDs scope the APIs in an Adobe Developer Console project to specific AEM environments. This is achieved as follows:

  1. Create a file named api.yaml or similar with a configuration like the snippet below, including the desired tiers (author, publish, preview). Client_id values should come from your Adobe Developer Console API project(s).

    The kind, version, and metadata properties are described in the Config Pipeline article. The kind property value should be set to API and the version property should be set to 1.

    code language-none 
    kind: "API"
version: "1"
metadata:
  envTypes: ["dev"]
data:
  allowedClientIDs:
    author:
      - "<client_id>"
    publish:
      - "<client_id>"
    preview:
      - "<client_id>"

  2. Place the file somewhere under a top level folder named config or similar, as described under Config Pipeline.

  3. For environment types other than RDE (which uses command line tooling), create a targeted deployment config pipeline in Cloud Manager, as referenced by this section in the Config Pipeline article. Note that Full Stack pipelines and Web Tier pipelines do not deploy the configuration file.

  4. Deploy the configuration.

recommendation-more-help
fbcff2a9-b6fe-4574-b04a-21e75df764ab