Adobe API : The Essential Guide migrating to OAuth Server to Server
Going through the latest news and recollecting the past while playing with Adobe API.
It was On August 18, 2021, when Adobe Analytics Legacy API services reached their end-of-life date and gone shut down. Any integrations built using these services stopped working from on that day.
• 1.3 Analytics APIs
• 1.4 SOAP Analytics APIs
• Legacy OAuth Authentication (OAuth and JWT)
As alternative API integrations that employ these services are left to use 1.4 Analytics REST APIs or the 2.0 Analytics APIs. Legacy OAuth accounts can migrate to an Adobe I/O Analytics integration account, which can be used to access both the 1.4 Analytics APIs and 2.0 Analytics APIs.
Now it is time for JWT to be deprecated.
Adobe has announced in 2023 that they will deprecate the JWT authentication for all their APIs. The current setup that you have now is probably using the JWT authentication, because it is the most flexible one for creating new token.
Unfortunately, this authentication method is going away in 2025 (January 1st to be precise).
In case you recently visited on https://developer.adobe.com/console/projects , you should have seen some warnings.
As notification you will notice the following banner as well often.
If you click the project you will find the below screen :
There is no immediate worry as it will come into effect in January 2025, as stated in the communication and may get extended in near future as well.
You have more than a year to switch authentication method.
Normally, the JWT certificate created automatically by Adobe valid for a year, so it means that all the users that have used the Adobe self-generated certificate will need to go to the developer console to change the certificate at least once before the migration.
Apart from many benefits the biggest benefit of using OAUTH SERVER-TO-SERVER credential is that as it does not use public certificates or private key pairs. You are not forced to rotate certificates every year.
oAuth Server to Server
The new system that is put in place for Adobe API is the Oauth Server to Server, or Oauth V2.
This authentication is way easier to setup than the JWT one.
You have an extended guideline on this website : https://developer.adobe.com/developer-console/docs/guides/authentication/ServerToServerAuthentication/implementation/
The complexity of implementation is quite reduce and you would only need 4 elements:
Org ID
Client ID
Scopes
Secret
Your applications using the Service Account (JWT) credentials will stop working after Jan 1, 2025.