DocumentationAEM GuidesAEM Guides Documentation

Configure microservice-based publishing with JWT authentication

Last update: Mon Apr 22 2024 00:00:00 GMT+0000 (Coordinated Universal Time)

CREATED FOR:

  • User
  • Admin

[Cloud Service]{class="badge informative"}

NOTE
The Service Account (JWT) credentials have been deprecated in favor of the OAuth Server-to-Server credentials. Your applications using the Service Account (JWT) credentials will stop working after Jan 1, 2025. You must migrate to the new credential by Jan 1, 2025, to ensure your application continues functioning. Learn more about migrating from Service Account (JWT) credential to OAuth Server-to-Server credential.

Microservice-based publishing in for Adobe Experience Manager Guides as a Cloud Service supports PDF (both Native and DITA-OT based), HTML5, JSON, and CUSTOM types of output presets.

As the Service Account (JWT) credentials have been deprecated, so it is recommended to use Adobe IMS OAuth-based authentication. Learn how to configure microservice-based publishing with OAuth authentication.

For the cloud publishing service secured by Adobe IMS JWT based authentication, customers should follow the below given steps to integrate their environments with Adobe’s secure token-based authentication workflows and start using the new cloud based scalable publishing solution.

Create IMS configurations in Adobe Developer Console

Role required to create the confugrations: System Administrator

Perform the following steps to create IMS configurations in Adobe Developer Console:

  1. Open Developer Console: https://developer.adobe.com/console.

  2. Switch to Projects tab from top.

    projects tab {width="500"}

  3. To create a new empty project, select Empty project from the Create new project dropdown.

    create new project {width="500"}

  4. Select API from the Add to Project dropdown to add IO Management API to your project.

    add project {width="300"} io management {width="500"}

  5. Create a new private/public key pair while adding the API. This will automatically download the private key on your system.

    generate key pair {width="500"}

  6. Save the configured API.

    save api {width="600"}

  7. Go back to Projects tab and click Project overview on the left.

    project overview {width="500"}

  8. Click Download button on the top to download the service JSON.

    download json {width="500"}

You have now configured the JWT authentication details and have also downloaded the private key and the service details JSON. Keep these two files handy as these files are required in the next section.

Add IMS configuration to the environment

Perform the following steps to add IMS configuration to the environment:

  1. Open experience manager and then select your program which contains the environment you want to configure.

  2. Switch to Environments tab.

  3. Click on the environment name which you want to configure. This should navigate you to the Environment Information page.

  4. Switch to Configuration tab.

  5. Upload the private key and project JSON as shown in the screenshot below. Make sure you are using the same names and configuration as highlighted below.

    ims configurations {width="500"}

NOTE
You need to open, copy, and paste the contents of private key and service details JSON file to the value column of the Configuration panel as shown in the above screenshot.

Once you have added the IMS configuration to the environment, perform the following steps to link these properties with Experience Manager Guides using OSGi:

  1. In you cloud manager Git project code, add the below given two files (For file contents, see Appendix).

    • com.adobe.aem.guides.eventing.ImsConfiguratorService.cfg.json
    • com.adobe.fmdita.publishworkflow.PublishWorkflowConfigurationService.xml

  2. Ensure that the newly added files are getting covered by your filter.xml.

  3. Commit and push your Git changes.

  4. Run the pipeline to apply the changes on the environment.

Once this is done, you should be able to use the new microservice-based cloud publishing.

FAQs

  1. Can a single key be used on multiple cloud environments?
    • Yes, you can generate one private key and use it for all environments, but you have to configure environment variables for all environments and use the same key.
  2. If OSGi configurations to use microservice are enabled , will the publishing process work on local AEM server with the same codebase?
    • No, if the flag dxml.use.publish.microservice is set to true then it always looks for microservice configurations. Set dxml.use.publish.microservice to false for the publishing to work on your local.
  3. How much memory is allocated to the DITA process when using microservice-based publishing? Is this driven via DITA profile ant parameters?
    • With microservice-based publishing, memory allocation is not driven through DITA profile ant parameters. The total memory available on the service container is 8 GB, out of which 6 GB is allocated to the DITA-OT process.

Appendix appendix

File:
com.adobe.aem.guides.eventing.ImsConfiguratorService.cfg.json

Content:

{
  "service.account.details": "$[secret:SERVICE_ACCOUNT_DETAILS]",
  "private.key": "$[secret:PRIVATE_KEY]"
}

File: com.adobe.fmdita.publishworkflow.PublishWorkflowConfigurationService.xml

Content:

  • dxml.use.publish.microservice: Switch to enable microservice-based publishing using DITA-OT
  • dxml.use.publish.microservice.native.pdf: Switch to enable microservice-based Native PDF publishing
<?xml version="1.0" encoding="UTF-8"?>
<jcr:root xmlns:jcr="http://www.jcp.org/jcr/1.0" xmlns:sling="http://sling.apache.org/jcr/sling/1.0"
          jcr:primaryType="sling:OsgiConfig"
          dxml.publish.microservice.url="https://adobeioruntime.net/api/v1/web/543112-guidespublisher/default/publishercaller.json"
          dxml.use.publish.microservice="{Boolean}true"
          dxml.use.publish.microservice.native.pdf="{Boolean}true"
/>
recommendation-more-help
11125c99-e1a1-4369-b5d7-fb3098b9b178