Developing OAuth Scopes
Adobe Experience Manager’s extensible OAuth scopes allow for access control for resources from a client application that is authorized by an end user. The diagram below illustrates the request flow in the context of AEM.
AEM provides three scopes:
- Profile
- Offline access
- Replicate
AEM’s extensible OAuth scopes allow other custom scopes to be defined. For example, a custom scope can be developed and deployed to AEM that allows a mobile app authorized via OAuth to be restricted to reading, but not writing assets.
OAuth is the preferred method of authorizing a client application since it uses an access token instead of requiring an AEM user’s credentials to be provided to that application.
recommendation-more-help
c92bdb17-1e49-4e76-bcdd-89e4f85f45e6