The Adobe Developer Console (Formerly Adobe I/O Console) was built to be the one-stop shop for developers who need to set up authentication for API access to Adobe products. Many integrations include an API component or are fully constructed around using the APIs. In this help article, I’ll describe how to get started with the Adobe Developer Console and set up authentication for API access. The Adobe Developer Website is also a repository for good developer documentation and I’ll be linking to a bunch of it here but take some time to browse the developer documentation if you have any questions that I haven’t answered in this article.

Accessing the Adobe Developer Console to test and build your integration

Generally you’ll need sandbox access to the Experience Cloud product that you want to integrate with so that you can build and test your integration. To get sandbox access, you’ll need to begin creating an app in the app manager and complete the Connections page (see this documentation for details). (When you’ve completed the integration, your clients will use Adobe Developer Console to provide you with credentials to their Adobe Experience Cloud accounts.)

Once you have a sandbox account, you’ll need to make sure your user has admin access to the product you want to get API access to. Check out this article for information on how to set up Adobe Analytics user permissions, and this article for info on how to set up Adobe Target user permissions.

When you have your user permissions set up, use the instructions from this article to create your API access.

OAuth vs JWT

There are two authentication methods offered by Adobe Developer Console:

• OAuth Authentication
• Service to Service (JWT) Authentication

The JWT method will work best for most of our partners’ integrations. For OAuth, the workflow is:

1. Your application redirects the user to Adobe along with the list of requested permissions
2. Adobe prompts the user with a login screen and informs the user of the requested permissions
3. The user decides whether to grant the permissions
4. Adobe sends a callback to your application to notify whether the user granted the permissions
5. After permissions are granted, your application retrieves tokens required to make API requests on behalf of the user

The redirect and granting of permissions for each session makes this type of authentication a non-starter for most of our partners. With the JWT authentication method, your clients will need to create the integration and give it the right permissions. Then they will give you a JSON Web Token (or the information you need to generate the token) that you can use to obtain session tokens without a client user needing to re-authenticate every time your system accesses the Adobe APIs.

Products available via Adobe Developer Console

Currently these products are available via Adobe Developer Console:

• Adobe Analytics 2.0 APIs
• Adobe Analytics legacy (1.4) APIs
• Adobe Campaign Standard
• Adobe Target

Currently these products are not available via Adobe Developer Console:

• Adobe Audience Manager
• Adobe Campaign Classic
• Adobe Experience Manager

For now, each of these products has its own authentication scheme. Follow the links above to learn more. Where feasible, all Experience Cloud product APIs will eventually be offered via Adobe Developer Console. And perhaps most importantly, the new APIs for the Experience Cloud Platform (which should become one of the biggest integration points for our partners) will be offered via Adobe Developer Console.

Getting API access to your clients’ accounts

In the future, getting access to your clients’ account will be simpler. (The following describes features currently being built so there may be some changes when they’re released.) If you build your integration in App Manager and use Adobe Developer Console authentication, the process for granting you access to your clients accounts will work like this:

• When your client clicks to user your integration, they will be presented with a screen that asks whether they want to grant you access to their account. The screen will describe the type of access they are granting you and what permissions you will get.
• If they click “accept, behind the scenes the App Manager will take care of creating a JWT authentication token with the correct permissions for the client account.
• This token will then be pushed to an endpoint that you would have set up with us earlier.

This video goes into more detail about how the feature works:

We don’t currently have a specific release date for these features.

For now, you will need to ask your clients to run through the JWT workflow in Adobe Developer Console and provide you with the JSON Web Token so that you can access their accounts.