Documentation AEM as a Cloud Service User Guide

OpenAPI-Based APIs

Last update: May 15, 2025

Applies to:
Experience Manager as a Cloud Service

Topics:
Developing

CREATED FOR:

Admin
Developer

Newer AEM as a Cloud Service APIs follow the OpenAPI specification, and thus offer a consistent and well-documented set of APIs.

NOTE

An end-to-end tutorial is a recommended resource to learn how to configure and invoke the OpenAPI-based AEM APIs.

For endpoints that require authentication, the authentication approach differs based on the endpoint, but may use OAuth Server-to-Server, OAuth Web App, or OAuth Single Page App (SPA). Credentials are configured through projects in Adobe Developer Console.

Common API use cases involve integrations with systems such as a CRM or PIM, where AEM APIs are invoked to retrieve or persist data. As part of the integration implementation, applications may subscribe to AEM-emitted events, which can trigger business logic in Adobe App Builder or other infrastructure.

This document serves as an overview, but more in-depth documentation is available in the following pages:

The links from the OpenAPI-based API section of reference documentation. Each API’s reference documentation also includes an API playground, which makes it easy to try out an endpoint using a bearer token generated with the Adobe Developer Console.
Informational Guides, including API concepts and syntax.
A top-level tutorial describing authentication approaches and other concepts.
A tutorial with video focused on how to configure the OpenAPI-based APIs.
An end-to-end tutorial about configuring and invoking OpenAPIs with the server-to-server authentication strategy. Similar tutorials can also be found for Web App and Single Page Application authentication approaches.

Configuring API Access

Some OpenAPI-based AEM APIs need authentication, which requires credentials to be generated using Adobe Developer Console. Configuration involves the following steps:

Modernization of the AEM as a Cloud Service environment.
Enable access to the AEM APIs using Product Profiles. Product Profiles are associated with the Services that represent AEM user groups with predefined Access Control Lists (ACLs). While some services are associated with specific product profiles by default, others need to be explicitly associated; for example, the AEM Assets API Users Service is not associated with any Product Profile, so you must enable it to use AEM Assets API. For more information, see Enable AEM APIs access tutorial step.
To add Server-to-Server authentication, the user setting up integration must be the organization’s system administrator in the Adobe Admin Console or added as a Developer to the Product Profile where the Service is associated. For more information, see Enable AEM APIs access tutorial step.
Create an Adobe Developer Console (ADC) Project.
Configure the ADC Project. This generates credentials that will be used later to exchange for a bearer token when invoking the API.
Configure the AEM instance to enable ADC Project communication. This involves registering the client ID with the environment by configuring and deploying a YAML file, as described in the Registering a Client ID section below.

For detailed step-by-step instructions, see the Set up OpenAPI-based APIs tutorial.

Registering a Client ID

Client IDs scope the APIs in an Adobe Developer Console project to specific AEM environments. This is achieved as follows:

Create a file named api.yaml or similar with a configuration like the snippet below, including the desired tiers (author, publish, preview). Client_id values should come from your Adobe Developer Console API project(s).

The kind, version, and metadata properties are described in the Config Pipeline article. The kind property value should be set to API and the version property should be set to 1.
kind: "API" version: "1" metadata: envTypes: ["dev"] data: allowedClientIDs: author: - "<client_id>" publish: - "<client_id>" preview: - "<client_id>"
Place the file somewhere under a top level folder named config or similar, as described under Config Pipeline.
For environment types other than RDE (which uses command line tooling), create a targeted deployment config pipeline in Cloud Manager, as referenced by this section in the Config Pipeline article. Note that Full Stack pipelines and Web Tier pipelines do not deploy the configuration file.
Deploy the configuration.

recommendation-more-help