AEM Headless server-to-server deployments involve server-side applications or processes that consume and interact with content in AEM in a headless manner.
Server-to-server deployments require minimal configuration, as HTTP connections to AEM Headless APIs are not initiated in the context of a browser.
Deployment configurations
The following deployment configuration must be in-place for server-to-server app deployments.
Authorization requirements
Authorized requests to AEM GraphQL APIs they typically occur in the context of server-to-server apps, since other app types, such as single-page apps, mobile, or Web Components, typically do use authorization as it is difficult to secure the credentials .
When authorizing requests to AEM as a Cloud Service, use service credentials-based token authentication. To learn more about authenticating requests to AEM as a Cloud Service, review the token-based authentication tutorial. The tutorial explores token-based authentication using AEM Assets HTTP APIs but the same concepts and approaches are applicable to apps interacting with AEM Headless GraphQL APIs.
