Configure AEM Assets with Brand Portal
Adobe Experience Manager Assets Brand Portal allows you to publish approved brand assets from Adobe Experience Manager Assets to Brand Portal and distribute them to the Brand Portal users.
AEM Assets is configured with Brand Portal via Adobe Developer Console, which procures an Adobe Identity Management Services (IMS) account token for authorization of the Brand Portal tenant.
Configuring AEM Assets with Brand Portal via Adobe Developer Console is supported on AEM 126.96.36.199 and above.
Earlier, Brand Portal was configured via legacy OAuth Gateway, which uses the JSON Web Token (JWT) exchange to obtain an IMS Access token for authorization.
Configuration via legacy OAuth Gateway is no longer supported from April 6, 2020, and is changed to Adobe Developer Console.
For existing customers only
It is recommended to continue using the existing legacy OAuth Gateway configuration. In case, you encounter problems with legacy OAuth Gateway configuration, delete the existing configuration and create new configuration via Adobe Developer Console.
This help describes the following two use-cases:
- New configuration : If you are a new Brand Portal user and want to configure your AEM Assets author instance with Brand Portal, you can create configuration via Adobe Developer Console.
- Upgrade configuration : If you are an existing Brand Portal user having configuration on legacy OAuth Gateway, delete the existing configuration and create new configuration via Adobe Developer Console.
The information provided is based on the assumption that anyone reading this Help is familiar with the following technologies:
- Installing, configuring, and administering Adobe Experience Manager and AEM packages.
- Using Linux and Microsoft Windows operating systems.
You require the following to configure AEM Assets with Brand Portal:
- An up and running AEM Assets author instance with the latest Service Pack
- A Brand Portal tenant URL
- A user with system administrator privileges on the IMS organization of the Brand Portal tenant
Download and install AEM 6.5
It is recommended to have AEM 6.5 to set up an AEM author instance. If you do not have AEM up and running, download it from the following locations:
- If you are an existing AEM customer, download AEM 6.5 from Adobe Licensing website .
- If you are an Adobe partner, use Adobe Partner Training Program to request AEM 6.5.
After you download AEM, for instructions to set up an AEM author instance, see deploying and maintaining .
Download and install AEM latest Service Pack
For detailed instructions see,
Contact Support if you are unable to find the latest AEM package or Service Pack.
Configuring AEM Assets with Brand Portal requires configurations in both, AEM Assets author instance as well as Adobe Developer Console.
- In AEM Assets, create an IMS account and generate a public certificate (public key).
- In Adobe Developer Console, create a project for your Brand Portal tenant (organization).
- Under the project, configure an API using the public key to create a service account (JWT) connection.
- Get the service account credentials and JWT payload information.
- In AEM Assets, configure the IMS account using the service account credentials and JWT payload.
- In AEM Assets, configure the Brand Portal cloud service using the IMS account and Brand Portal endpoint (organization URL).
- Test your configuration by publishing an asset from AEM Assets to Brand Portal.
An AEM Assets author instance shall only be configured with one Brand Portal tenant.
Perform the following steps in the listed sequence if you are configuring AEM Assets with Brand Portal for the first time:
Obtain public certificate
The public key (certificate) authenticates your profile on Adobe Developer Console.
- Log in to your AEM Assets author instance. The default URL is http://localhost:4502/aem/start.html .
- From the Tools panel, navigate to Security > Adobe IMS Configurations .
- In Adobe IMS Configurations page, click Create . It will redirect to the Adobe IMS Technical Account Configuration page. By default, the Certificate tab opens.
- Select Adobe Brand Portal in the Cloud Solution dropdown list.
- Select the Create new certificate check box and specify an alias for the public key. The alias serves as name of the public key.
- Click Create certificate . Then, click OK to generate the public key.
- Click the Download Public Key icon and save the public key (.crt) file on your machine.The public key will be used later to configure API for your Brand Portal tenant and generate service account credentials in Adobe Developer Console.
- Click Next .In the Account tab, Adobe IMS account is created which requires the service account credentials that are generated in Adobe Developer Console. Keep this page open for now.Open a new tab and create a service account (JWT) connection in Adobe Developer Console to get the credentials and JWT payload for configuring the IMS account.
Create service account (JWT) connection
In Adobe Developer Console, projects and APIs are configured at Brand Portal tenant (organization) level. Configuring an API creates a service account (JWT) connection. There are two methods to configure API, by generating a key pair (private and public keys) or by uploading a public key. To configure AEM Assets with Brand Portal, you must generate a public key (certificate) in AEM Assets and create credentials in Adobe Developer Console by uploading the public key. These credentials are required to configure the IMS account in AEM Assets. Once the IMS account is configured, you can configure the Brand Portal cloud service in AEM Assets.
Perform the following steps to generate the service account credentials and JWT payload:
- Log in to Adobe Developer Console with system administrator privileges on the IMS organization (Brand Portal tenant). The default URL is https://www.adobe.com/go/devs_console_ui .Ensure that you have selected the correct IMS organization (Brand Portal tenant) from the dropdown (organization) list located at the upper-right corner.
- Click Create new project . A blank project with a system-generated name is created for your organization.Click Edit project to update the Project Title and Description , and click Save .
- In the Project overview tab, click Add API .
- In the Add an API window , select AEM Brand Portal and click Next .Ensure that you have access to the AEM Brand Portal service.
- In the Configure API window, click Upload your public key . Then, click Select a File and upload the public key (.crt file) that you have downloaded in the obtain public certificate section.Click Next .
- Verify the public key and click Next .
- Select Assets Brand Portal as the default product profile and click Save configured API .
- Once the API is configured, you are redirected to the API overview page. From the left navigation under Credentials , click on the Service Account (JWT) option.You can view the credentials and perform actions such as generate JWT tokens, copy credential details, retrieve client secret, and so on.
- From the Client Credentials tab, copy the client ID .Click Retrieve Client Secret and copy the client secret .
- Navigate to the Generate JWT tab and copy the JWT Payload information.
You can now use the client ID (API key), client secret, and JWT payload to configure the IMS account in AEM Assets.
Configure IMS account
Ensure that you have performed the following steps:
Perform the following steps to configure the IMS account.
- Open the IMS Configuration and navigate to the Account tab. You kept the page open while obtaining the public certificate .
- Specify a Title for the IMS account.In the Authorization Server field, specify the URL: https://ims-na1.adobelogin.com/ .Specify client ID in the API key field, Client Secret , and Payload (JWT payload) that you have copied while creating the service account (JWT) connection .Click Create .The IMS account is configured.
- Select the IMS account configuration and click Check Health .Click Check in the dialog box. On successful configuration, a message appears that the Token is retrieved successfully .
You must have only one IMS configuration.
Ensure that the IMS configuration passes the health check. If the configuration does not pass the health check, it is invalid. You must delete it and create a new, valid configuration.
Configure cloud service
Perform the following steps to configure the Brand Portal cloud service:
- Log in to your AEM Assets author instance.
- From the Tools panel, navigate to Cloud Services > AEM Brand Portal .
- In the Brand Portal Configurations page, click Create .
- Specify a Title for the configuration.Select the IMS configuration that you have created while configuring the IMS account .In the Service URL field, specify your Brand Portal tenant (organization) URL.
- Click Save & Close . The cloud configuration is created.Your AEM Assets author instance is now configured with the Brand Portal tenant.
Perform the following steps to validate the configuration:
- Log in to your AEM Assets cloud instance.
- From the Tools panel, navigate to Deployment > Replication .
- In the Replication page, click Agents on author .You can see the four replication agents created for your Brand Portal tenant.Locate the replication agents of your Brand Portal tenant and click on the replication agent URL.The replication agents work in parallel and share the job distribution equally, thereby increasing the publishing speed by four times the original speed. After the cloud service is configured, additional configuration is not required to enable the replication agents that are activated by default to enable parallel publishing of multiple assets.
- To verify the connection between AEM Assets and Brand Portal, click on the Test Connection icon.A message appears that your test package is successfully delivered .
- Verify the test results on all four replication agents.Avoid disabling any of the replication agents, as it can cause the replication of the assets (running-in-queue) to fail.Ensure that all the four replication agents are configured to avoid timeout error. See troubleshoot issues in parallel publishing to Brand Portal .
You can now:
- Publish assets from Brand Portal to AEM Assets - Asset Sourcing in Brand Portal
See Brand Portal documentation for more information.
Perform the following steps in the listed sequence to upgrade your existing configurations to Adobe Developer Console:
Verify running jobs
Ensure that no publishing job is running on your AEM Assets author instance before you make any modifications. For that, you can verify the status of active jobs on all the four replication agents and ensure that the queues are idle.
- Log in to your AEM Assets author instance.
- From the Tools panel, navigate to Deployment > Deployment Replication .
- In the Replication page, click Agents on author .
- Locate the replication agents of your Brand Portal tenant.Ensure that the Queue is Idle for all the replication agents, no publishing job is active.
Delete existing configurations
You must run the following checklist while deleting the existing configurations:
- Delete all four replication agents
- Delete Brand Portal cloud service
- Delete MAC user
- Log in to your AEM Assets author instance and open CRX Lite as an administrator. The default URL is http://localhost:4502/crx/de/index.jsp .
- Navigate to /etc/replications/agents.author and delete all the four replication agents of your Brand Portal tenant.
- Navigate to /etc/cloudservices/mediaportal and delete the Brand Portal cloud service configuration.
- Navigate to /home/users/mac and delete the MAC user of your Brand Portal tenant.
You can now create configuration via Adobe Developer Console on your AEM 6.5 author instance.