JWT-To-OAuth credential migration for AEM
Last update: Sun Mar 23 2025 00:00:00 GMT+0000 (Coordinated Universal Time)
- Topics:
- Integrations
- Migration
- Security
CREATED FOR:
- Beginner
- Intermediate
- Admin
- Developer
Learn how to migrate other Adobe solutions to the new OAuth Server-to-Server credentials from the deprecated Service Account (JWT) credentials.
While the Service Account (JWT) credentials have been marked as deprecated, they will continue to work until Jan 27, 2025. Therefore, you must migrate your application or integration to use the new OAuth Server-to-Server credential before Jan 27, 2025. For more information, please refer to the migration guide.
Transcript
Hello, my name is Robert Wunsch and today I would like to talk about JWT credentials deprecation in Adobe developer console, which will be migrated to OAuth. Let’s have a look. We will be seeing that from January 27th, 25, the JWT authentication mechanism in Adobe developer console will no longer work. For that, we need to migrate AEM and all AEM integrations to IMS within AEM into OAuth. Let’s have a look how that works. In this AEM instance, I have three different integrations as Adobe IMS configurations in AEM, which use JWT to access this project in the Adobe developer console. And those are all connected to this one Adobe developer console with the different services through this one JWT authentication option. And now I would like to change that. So what we will be seeing from AEM 6521 or AEM as a cloud services 16145 is this view where we see JWT is deprecated in AEM as well. So let’s choose that and check the properties where we now can also enter the OAuth credentials. In the project, we are opening up the new credentials and what we are seeing here is that we need to execute the full migration for other services that to work. They might be stopped in this integration if you are still running through the migration phase. Let’s start the migration. We have started the migration and now we can see the new elements that are required to use OAuth. So one thing we need is, sorry, the client secret. We need the scope and the organizational ID. All of that we find here. I copied the organization ID. Scope is a little bit more tricky. I have now three different integrations and I have a lot of scopes. So for this target integration, which was the first one that I use here for target, I am using the target scopes. And we still need the client secrets. And with that, we should be able to have a successful change in the integration. Check the health. And with that, we already have switched to OAuth. I would be doing the same for both of the other integrations. So now I would be taking the launch integration, check on the properties. I’m sorry, that’s the target. Take the launch properties. It’s Adobe launch, change again. I take the organizational ID. I want to have the correct scope for launch. There we go. And I just picked the client secret again. I could have saved that. Now we have it. And we saved the second integration. Also this integration should now be switched over to OAuth. Let’s do the third. Again, check that here. We have the analytics integration. Take the organizational ID, scope and the secrets. So with that, we should be able to now completely use this migration or all the different integrations or we’ve completed the migration and should be able to use all the different integrations through OAuth. And with that, we should be reviewing and deleting the migration. So let’s wait for a little bit for this to be deleted. Once that has been done and you see that the authentication is now running through OAuth and you see that the tokens are being generated correctly, you confirm and delete and that’s about it for this migration.
recommendation-more-help
c92bdb17-1e49-4e76-bcdd-89e4f85f45e6