Authentication authentication
Overview
The Edge Network Server API handles both authenticated and unauthenticated data collection, depending on the source of events and the API collection domain.
For each request, the Server API verifies the datastream access type setting. Using this setting, customers can configure a datastream to accept either authenticated data, or both authenticated and unauthenticated data. By default, both types of data are accepted.
For details on configuring the datastream access type, see the documentation on how to create and configure a datastream.
Below is a summary of the behavior, based on the datastream Access Type configuration and the endpoint on which the request is received.
API calls coming from a private server on server.adobedc.net should always be authenticated.
Prerequisites prerequisites
Before you can make calls to the Server API, make sure you meet the following prerequisites:
- You have an organization account with access to Adobe Experience Platform.
- Your Experience Platform account has the
developeranduserroles enabled for the Adobe Experience Platform API product profile. Contact your Admin Console administrator to enable these roles for your account. - You have an Adobe ID. If you do not have an Adobe ID, go to the Adobe Developer Console and create a new account.
Gather credentials credentials
In order to make calls to Platform APIs, you must first complete the authentication tutorial. Completing the authentication tutorial provides the values for each of the required headers in all Experience Platform API calls, as shown below:
- Authorization: Bearer
{ACCESS_TOKEN} - x-api-key:
{API_KEY} - x-gw-ims-org-id:
{ORG_ID}
Resources in Experience Platform can be isolated to specific virtual sandboxes. In requests to Platform APIs, you can specify the name and ID of the sandbox that the operation will take place in. These are optional parameters.
- x-sandbox-name:
{SANDBOX_NAME}
All requests that contain a payload (POST, PUT, PATCH) require an additional media type header:
- Content-Type:
application/json
Configure dataset write permissions dataset-write-permissions
To configure dataset write permissions, go to the Admin Console, locate the product profile attached to your API key, and set the following permissions:
- In the Sandboxes section, select the datastream sandbox.
- In the Data Management section, select the Manage Datasets permission.
Troubleshooting authorization errors troubleshooting-authorization
EXEG-0500-401This error message is displayed in any of the following situations:
- The
authorizationheader value is missing. - The
authorizationheader value does not include the requiredBearertoken. - The provided authorization token has an invalid format.
- The datastream requires authentication but the request is missing required headers.
EXEG-0501-401This error message is displayed in any of the following situations:
- The API call is missing the required
x-user-tokenheader. - The provided user token has an invalid format.
EXEG-0502-401EXEG-0503-401EXEG-0504-401This error message is displayed in any of the following situations:
- The developer account does not have access to Adobe Experience Platform product context.
- The company account is not yet entitled to Adobe Experinece Platform.
EXEG-0505-401acp.foundation IMS scope.EXEG-0506-401WRITE access to the Experience Platform sandbox in which the datastream is defined.