[AEM Forms]{class="badge positive" title="適用於AEM Forms)。"}
OAuth伺服器對伺服器驗證
OAuth伺服器對伺服器驗證允許以權杖為基礎的安全存取AEM Forms Communications API,而不需要使用者互動。 Adobe Developer Console支援OAuth伺服器對伺服器驗證。
先決條件
開始之前,請確定符合下列必要條件:
- 確保您擁有存取您使用環境專屬的Adobe Developer Console的許可權。
- 在Adobe Admin Console中指派系統管理員或開發人員角色以啟用Adobe Developer Console的存取權。
如何使用OAuth伺服器對伺服器驗證產生存取權杖?
請依照下列步驟,從Adobe Developer主控台產生存取權杖,並透過OAuth伺服器對伺服器驗證發出第一個API呼叫。
1. Adobe Developer Console專案設定
-
使用您的Adobe ID登入
-
建立新專案或導覽至您現有的專案
-
在 快速入門 區段中,按一下建立新專案
-
使用預設名稱建立新專案
-
按一下右上角的編輯專案
-
提供有意義的名稱(例如「formsproject」)
-
按一下「儲存」
-
Click All Projects from the Adobe Developer Console
-
Locate your project and click to open it.
2. Add Forms APIs
Add Forms APIs based on what you want to do:
- AEM Forms Communications APIs: use when you need to generate, convert, assemble, or secure documents (PDF and related formats).
- Adaptive Forms Runtime APIs – use when you need to render, submit, or process Adaptive Forms at runtime.
-
Click Add API
-
Select Forms Communication APIs
-
In the Add API dialog, filter by Experience Cloud
-
Select "Forms Communication APIs"
-
按一下「下一步」。
-
Select OAuth Server-to-Server authentication method
-
-
Click Add API
-
Select AEM Forms Delivery and Runtime API
-
In the Add API dialog, filter by Experience Cloud
-
Select "AEM Forms Delivery and Runtime API"
-
按一下「下一步」。
-
Select OAuth Server-to-Server authentication method.
-
You can also add the API and authentication method to your existing project by clicking Add to Project > API
3. Add Product Profile
Product profile provides permissions (or authorization) for credentials to access the AEM resources.
-
Select the Product Profile that matches your AEM instance URL (
https://Service Type -Environment Type-Program XXX-Environment XXX.adobeaemcloud.com).-
Service Type – specifies services or permissions associated with the AEM instance
-
Environment Type – specifies whether the envrionment is for Author or Publish service
-
Program XXX – identifies the Cloud Manager program ID
-
Environment XXX – identifies the specific environment ID within that program
note note NOTE Product profiles are tied to a specific AEM instance (program + environment). Always choose the profile that matches your instance URL. -
-
按一下「儲存已設定的 API」。 The API and Product Profile are added to your project
4. Generate and Save Credentials
-
Navigate to your project in Adobe Developer Console
-
Click OAuth Server-to-Server credential
-
View the Credential details section
Record API Credentials
API Credentials:
================
Client ID: <your_client_id>
Client Secret: <your_client_secret>
Technical Account ID: <tech_account_id>
Organization ID: <org_id>
Scopes: AdobeID,openid,read_organizations
5. Access Token Generation
Generate the Access token either manually or programmatically:
Generate access tokens manually in Adobe Developer Console:
-
瀏覽至您的專案
- 在Adobe Developer Console中,開啟您的專案
- 按一下OAuth伺服器對伺服器
-
產生存取權杖
- 按一下專案API區段中的 「產生存取權杖」 按鈕
- 複製產生的存取權杖
note note NOTE 存取權杖僅對 24小時 有效
使用Adobe IMS API以程式設計方式產生權杖:
必要的認證:
- 用戶端 ID
- 用戶端密碼
- 範圍(通常:
openid, AdobeID, read_organizations, additional_info.projectedProductContext, read_pc.dma_aem_cloud, aem.document)
權杖端點:
| code language-none |
|---|
|
範例要求(curl):
| code language-bash |
|---|
|
回應:
| code language-json |
|---|
|
您現在可以使用產生的存取Token針對開發、預備或生產環境進行API呼叫。
最佳實務:管理開發、測試和生產的認證
-
請一律使用開發、測試和生產的個別認證。
-
將每個認證對應至正確的AEM環境URL。
-
安全地儲存秘密,並且絕不將其提交至原始檔控制。
-
追蹤存取權杖有效性,因為權杖僅在24小時內有效。
後續步驟
若要瞭解如何設定同步Forms通訊API的環境,請參閱AEM Forms as a Cloud Service通訊同步處理。
相關文章
瞭解如何設定同步(隨選)和非同步(批次) Forms Communications API的環境:
AEM Forms Communications API — 非同步(批次)
瞭解如何為非同步(批次) Forms Communications API設定環境,以排程方式產生或處理多個檔案。