Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Connecting to Adobe using JWT

Go to solution
AradhanaGanguly
New Contributor II
New Contributor II

‎03/13/2023 11:37 PM

We need to connect to Adobe User Management API using JWT authentication. However, to get the JWT token, we need to get the private key and certificate which expires every day.
 
Hence, we want to know if it's feasible to get the private key dynamically in the JSONS so that they can be refreshed automatically.
 
We are using Saviynt v5.5 SP3.11 which according to the REST connector document supports JWT authentication.
Labels:
0 Kudos
2 REPLIES 2

Go to solution
timchengappa
Saviynt Employee
Saviynt Employee

‎03/14/2023 05:12 PM

Hello @AradhanaGanguly 

We do support JWT authentication in our REST connector. You can find a JSON sample for the same in our documentation below. Please refer to the "JWT: Used for authentication using JSON Web Tokens (JWT)" section of the documentation

Developers Handbook 

Based on Adobe documentation, it contradicts what you have stated which is "private key and certificate expires every day" and instead it stated that it is a "One-time activity"

Snips from Adobe documentation below...

One-time Setup

  • To obtain the credentials you need to access the User Management service, create a Service Account Integration using the Adobe I/O Console.
  • A member of the organization with admin rights can create the Integration. You can use the Admin Console to grant administrative privileges to users.
  • You will need to create or purchase a digital signing certification, and use it to sign a JSON Web Token (JWT), which you will use to authenticate your requests.
  • Your integration provides an API key that uniquely identifies your client and other credentials that you need to access the UM API.

For complete details of the entire integration process, see Service Account Authentication.

Authorizing API calls

  • To establish a secure service-to-service API session, you will create a JSON Web Token (JWT) that encapsulates your client credentials, and sign the JWT with the private key for a public-key certificate associated with the integration. For complete details, see Creating a JSON Web Token.
  • You will exchange the JWT for an access token from the Adobe Identity Management Service (IMS). Every request to an Adobe service must include the access token in the Authorization HTTP header, along with the API Key (client ID) that was generated when you created the integration. Include these headers in all requests:


External Doc References

Creating Service Account: https://developer.adobe.com/developer-console/docs/guides/authentication/ServiceAccountIntegration/

Authentication for API Access: https://adobe-apiplatform.github.io/umapi-documentation/en/UM_Authentication.html

JWT (Service Account) Authentication: https://developer.adobe.com/developer-console/docs/guides/authentication/JWT/

0 Kudos

Go to solution
AradhanaGanguly
New Contributor II
New Contributor II

‎04/06/2023 03:01 AM

Thanks for the reply, the certificates and private key are valid for a year. Only the jwt token will get expired every day

Copyright © 2024 Khoros, LLC