Show Menu
TOPICS×

Configure authentication

The Adobe Target Admin APIs, including Recommendations Admin APIs, are secured by authentication to ensure only authorized users use them to access Adobe Target. Use the Adobe Developer Console to manage this authentication for all Adobe Experience Cloud solutions, including Target.
This lesson walks through the preliminary steps required to generate authentication tokens needed to successfully interact with Adobe Target APIs. In the sections that follow, you will:
  1. Create a project (previously called integration) in the Adobe Developer Console.
  2. Export project details to Postman.
  3. Generate a bearer access token.
  4. Test the bearer access token.

Pre-requisites

Resource
Details
Postman
In order to complete these steps successfully, get the Postman app for your operating system. Postman basic is free with account creation. While not required in order to use Adobe Target APIs in general, Postman makes API workflows easier, and Adobe Target provides several Postman collections to help execute its APIs and learn how they operate. The rest of this tutorial assumes working knowledge of Postman. For assistance, please reference the Postman documentation .
References
Familiarity with the following resources is assumed throughout the rest of this tutorial:

Create an Adobe I/O project

In this section, you will access the Adobe Developer Console and create a project for Adobe Target. For more information, reference the documentation on projects .
  1. In the Adobe Admin Console , ensure your Adobe user account has been granted both Product Admin and Developer level access to Target.
  2. In the Adobe Developer Console , select the Experience Cloud Organization for which you want to create this integration. (Note it is likely you may only have access to a single Experience Cloud Organization.)
  3. Click
    Create new project
    .
  4. Click
    Add API
    to add a REST API to your project to access Adobe services and products.
  5. Select
    Adobe Target
    as the Adobe service you wish to integrate with. Click the
    Next
    button that appears.
  6. Select an option for associating public and private keys with the service account integration you are creating for Target. For this tutorial, select
    Option 1: Generate a key pair
    and click
    Generate keypair
    .
  7. Note the results! As instructed, make note of the automatically downloaded configuration file (
    config
    ), which contains your private key. Click
    Next
    .
  8. In your file system, verify the location of
    config
    , which is the compressed configuration file created in the previous step. Again, this
    config
    file contains your private key, which you will need, later. The exact location within your file system may differ from the one shown here.
  9. Back in the Adobe Developer Console, select the product profile(s) corresponding to the properties in which you are using Recommendations. (If you are not using properties, select the Default Workspace option.) Click
    Save configured API
    .
  10. Click
    Create Integration
    . You should receive a temporary message indicating your API was successfully configured.
  11. As a final step, rename your project to a name more meaningful than the original
    Project 1
    . To do this, navigate to the project using the navigation path as shown, click
    Edit project
    to access the **Edit Project modal, and rename the project.
In this tutorial, we name our project "Target Integration." If you anticipate using your project for more than just Adobe Target, you may want to name it accordingly. For example, you might choose to name it "Adobe APIs" or "Experience Cloud APIs," since it may be used with other solutions in the Adobe Experience Cloud.

Export project details

Now that you have an Adobe project you can use for accessing Target, you need to make sure to send details of that project along with your Adobe API requests. These details are required in order to interact with several Adobe APIs, including several Target APIs. For example, the integration details include authorization and authentication information required by the Target Admin APIs. Therefore, to use the APIs with Postman, you need to get those details into Postman.
There are many ways to specify the details of your project in Postman, but in this section, we take advantage of some pre-built features and collections. First (in this section), you will export the details of your integration into a Postman environment. Next (in the following section), you will generate a bearer access token to grant you access to the necessary Adobe resources.
For video instructions applicable for any Experience Cloud solution, including Target, see Use Postman with Experience Platform APIs . The following sections are relevant to the Target APIs:
  1. Export Adobe I/O Integration Details to Postman
  2. Generate an Access Token with Postman
These steps are also provided below.
  1. Still in the Adobe Developer Console , navigate to view your new project's
    Service Account (JWT)
    credentials. Use either the left navigation or the
    Credentials
    section as shown. In
    Credential details
    , note you may view your
    Public key(s)
    ,
    Client ID
    , and other information related to your service account.
  2. Click to navigate to information about the
    Adobe Target
    API. Use either the left navigation or the
    Connected products and services
    section as shown.
  3. Click
    Download for Postman
    >
    Service Account (JWT)
    to create a JSON file capturing your authentication information for a Postman environment. Note the JSON file in your file system.
  4. In Postman, click the gear icon to manage your environments, then click
    Import
    to import the JSON file (environment).
  5. Choose your file and click
    Open
    .
  6. In the Postman
    Manage Environments
    modal, click the name of the newly imported environment to inspect it. (Your environment name may be different from the one shown here. Edit the name as desired. It does not necessarily need to match the name of the Adobe project.)
  7. Note
    CLIENT_SECRET
    and
    API_KEY
    (along with other variables) have their values pre-populated, taken from your integration as defined in the Adobe Developer Console. (The Postman
    CLIENT_SECRET
    variable should match the
    CLIENT SECRET
    Adobe credential as displayed in the Developer Console, and
    API_KEY
    in Postman should likewise match
    CLIENT ID
    in the Developer Console.) By contrast, note
    PRIVATE_KEY
    ,
    JWT_TOKEN
    , and
    ACCESS_TOKEN
    are blank. Let's start by providing the
    PRIVATE_KEY
    value.
  8. From your file system, open your
    config
    file, and open the
    private
    key file.
  9. Select and copy the entire contents of the
    private
    key file.
  10. In Postman, paste your private key value into the
    INITIAL VALUE
    and
    CURRENT VALUE
    fields.
  11. Click
    Update
    , and close the Environments modal.

Generate the bearer access token

In this section, you generate your bearer access token, which is required for authenticating your interaction with Adobe Target APIs. To generate your bearer access token, you need to send your integration details (established in the preceding sections) to the Adobe Identity Management Service (IMS) . There are a few different ways to do this, but in this tutorial we have you build a bespoke POST request to the IMS API. Just kidding. In this tutorial, we take advantage of a Postman collection containing a pre-built IMS call that makes the process direct and easy. Once you import the collection, you may reuse it whenever needed, to generate new tokens not only for Adobe Target, but other Adobe APIs as well.
  1. Click the
    Adobe I/O Access Token Generation Postman collection
    .
  2. Get the raw JSON for this collection by clicking
    Raw
    , then copying the resulting JSON to your clipboard. (Alternatively, you can save the raw JSON as a .json file.)
  3. In Postman, import the collection by pasting and submitting the raw JSON from your clipboard. (Alternatively, you can upload the .json file you saved.) Click
    Continue
    .
  4. Select the
    IMS: JWT Generate + Auth via User Token
    request in the Adobe I/O Access Token Generation Postman collection, ensure your environment is selected, and click
    Send
    to generate the token.
    This bearer access token will be valid for 24 hours. Send the request again whenever you need to generate a new token.
  5. Open the Manage Environments modal again, and select your environment.
  6. Note the
    ACCESS_TOKEN
    and
    JWT_TOKEN
    values are now populated.
Q: Do I have to use the Adobe I/O Access Token Generation Postman collection to generate the JSON Web Token (JWT) and bearer access token?
A: Nope! The Adobe I/O Access Token Generation Postman collection is available as a convenience to more easily generate the JWT and bearer access token in Postman. Alternatively, you can use capabilities within the Adobe Developer Console to manually generate the bearer access token.

Test the bearer access token

In this exercise, you will use your new bearer access token by sending an API request that retrieves a list of activities from your Target account. A successful response indicates your Adobe project and authentication are operating as expected in order to use the API.
  1. Import the Adobe Target Admin APIs Postman Collection . Follow all prompts until the collection is imported in Postman.
  2. Expand the collection, and note the
    List activities
    request.
  3. Note that variables such as
    {{access_token}}
    are initially unresolved. You could resolve this in several different ways—for example, you could define a new collection variable called
    {{access_token}}
    —but in this tutorial, you will instead change the API request to leverage the Postman environment you were previously using. This will enable the environment to continue to serve as a single, consistent consolidation of all variables common across Adobe APIs.
  4. Type to replace
    {{access_token}}
    with
    {{ACCESS_TOKEN}}
    .
  5. Type to replace
    {{api_key}}
    with
    {{API_KEY}}
    .
  6. Type to replace
    {{tenant}}
    with
    {{TENANT_ID}}
    . Note
    {{TENANT_ID}}
    is not yet recognized.
  7. Open the Manage Environments modal, and select your environment.
  8. Type to add a new
    {{TENANT_ID}}
    environment variable. Copy and paste your Tenant ID value into the
    INITIAL VALUE
    and
    CURRENT VALUE
    fields for your new
    TENANT_ID
    environment variable.
    The Tenant ID is different from your Target
    clientcode
    . The Tenant ID exists in the URL when you are logged in to Target. To obtain your Tenant ID, log in to the Adobe Experience Cloud, open Target, and click the Target card. Use the Tenant ID value as noted in the URL subdomain.
    For example, if your URL when logged in to Adobe Target is then your Tenant ID is "mycompany."
  9. Send your request, after ensuring you have selected the correct environment. You should receive a response containing your list of activities.
Congratulations! Now that you have verified your Adobe authentication, you may use it to interact with Adobe Target APIs (as well as other Adobe APIs). For example, you can Use Recommendations APIs to create or manage recommendations.