Edit in GitHubLog an issue

Add API to project using OAuth User authentication credentials

Adding an API to an empty project is the same whether you are working in a personal or enterprise project. Adding an API to a templated project is similar, with one small variation: APIs are added to individual workspaces, not to the project as a whole.

To begin adding an API from within a templated project, first, select the appropriate workspace to open the Workspace overview. Then, select + Add Service in the left navigation and choose API from the dropdown.

In an empty project, select +Add to Project in the left navigation of the Project overview and then choose API, or select Add API from the quick start buttons.

services add to project

Add an API

Using REST APIs allows your application to make calls to Adobe services and products. The Add an API dialog shows a list of available services with the default View by setting to show only those services available to you.

Once you have found and chosen an API that you would like to add, select Next to begin configuring the API.

services api oauth select

Configure API

OAuth User authentication credentials allows your end-users to sign in to your integration with an Adobe ID and your integration to receive an access token. With the access token, your integration will be able to call Adobe APIs and access content on behalf of the logged-in user. For more information, read the OAuth User authentication credentials guide.

To configure an API using OAuth 2.0 User authentication, you must first select the platforms where you want to use this integration: Web App, Single Page App, or Native App.

services api oauth configure

Depending on the platform(s) you select, you may be required to provide additional configuration information:

Web App

The Web App platform is best suited for applications that have a backend server. The OAuth User authentication Web App credential requires the application to securely store a client secret on the backend server. The application can then fetch tokens using the client secret on the backend server, and therefore, not risk exposing the client secret or the tokens through the frontend application.

When setting up an OAuth User authentication Web App credential, you are required to provide:

  1. A Default Redirect URI
  2. A Redirect URI pattern

Single Page App

The Single Page App platform is best suited for JavaScript-based applications that run in the browser and either do not have a backend server or want to fetch tokens on the frontend. OAuth User authentication Single Page Apps credential does not require the application to store a client secret, and therefore, the application must utilize the OAuth 2.0 PKCE flow to obtain tokens securely.

When setting up an OAuth User authentication Single Page App credential, you are required to provide:

  1. A Default Redirect URI
  2. A Redirect URI pattern

Native App

The Native App platform is best suited for applications that run natively on a device (Android, iOS, Windows, Mac, and others) and either do not have a backend server or want to fetch tokens on the frontend. OAuth User authentication Native Apps credential does not require the application to store a client secret, and therefore, the application must utilize the OAuth 2.0 PKCE flow to obtain tokens securely.

OAuth 2.0 Default Redirect URI

A Default redirect URI is the URL of the page or script (usually at the root of your web app) that Adobe will access during the authentication process. It can contain a maximum of 256 characters and cannot be a regular expression.

OAuth 2.0 Redirect URI pattern

When creating a new authorize request, the OAuth 2.0 framework allows your application to request a different redirect URI than the default Redirect URI. However, any requested redirect URI must match against the Redirect URI pattern you supply. The authorize request can be successfully completed only if the requested Redirect URI passes regex matching,

A Redirect URI pattern is a URI path (or comma-separated list of paths) to which Adobe can redirect (if requested) when the login flow is complete. It must be within your application domain and is typically the root. It can contain a maximum of 512 characters.

Web

The OAuth credential for the Web platform has been deprecated in favor of the Web App platform. Furthermore, the new Web App platform credentials do not support the weaker OAuth implicit flow. Applications looking for a substitute for the OAuth implicit flow should use the more secure Single Page App platform.

iOS

The OAuth credential for the iOS platform has been deprecated in favor of the Native App platform.

Android

The OAuth credential for the Android platform has been deprecated in favor of the Native App platform.

API overview

With the API configured, you are redirected to the API overview, providing links to documentation, the ability to download files in order to experiment with the API using Postman, and the Credential details, including the Redirect URI that you just provided.

You can also elect to remove the API on this screen using the Remove API button in the top-right corner.

services api oauth user auth added

Credentials

Now that you have added an API, you can return to the Project overview (or Workspace overview in a templated project) at any time to view the details for that API and any other project services you may have added.

You can select the specific API from the left navigation to view its details or remove the API using the Remove API button in the top-right corner.

You can also select the specific credential type from under Credentials in the left navigation to view the Credential details and perform other actions (view Client ID, retrieve client secret, etc.) as needed. For more information on accessing credentials, please read the credentials overview.

services api oauth user auth credential overview

You can also view the scopes available to your credential on the scopes tab.

services api oauth user auth credential scopes

Insights

Adobe Developer Console automatically generates valuable insights related to API usage for each enterprise project (or individual workspace when working in a templated project), as well as for each personal project, including XD Plugins.

To learn more about insights, begin by reading the insights overview.

Next steps

With an API successfully added, you can follow the same workflow steps to add additional APIs or return to the services overview to select another type of service to add to your project.

If you have completed development on your project and are ready to submit your application for approval, please read the project approval guide to get started.

  • Privacy
  • Terms of Use
  • Do not sell or share my personal information
  • AdChoices
Copyright © 2024 Adobe. All rights reserved.