Authentication authentication
Overview
The Edge Network Server API handles both authenticated and unauthenticated data collection, depending on the source of events and the API collection domain.
For each request, the Server API verifies the datastream access type setting. Using this setting, customers can configure a datastream to accept either authenticated data, or both authenticated and unauthenticated data. By default, both types of data are accepted.
For details on configuring the datastream access type, see the documentation on how to create and configure a datastream.
Below is a summary of the behavior, based on the datastream Access Type configuration and the endpoint on which the request is received.
API calls coming from a private server on server.adobedc.net
should always be authenticated.
Prerequisites prerequisites
Before you can make calls to the Server API, make sure you meet the following prerequisites:
- You have an organization account with access to Adobe Experience Platform.
- Your Experience Platform account has the
developer
anduser
roles enabled for the Adobe Experience Platform API product profile. Contact your Admin Console administrator to enable these roles for your account. - You have an Adobe ID. If you do not have an Adobe ID, go to the Adobe Developer Console and create a new account.
Gather credentials credentials
In order to make calls to Platform APIs, you must first complete the authentication tutorial. Completing the authentication tutorial provides the values for each of the required headers in all Experience Platform API calls, as shown below:
- Authorization: Bearer
{ACCESS_TOKEN}
- x-api-key:
{API_KEY}
- x-gw-ims-org-id:
{ORG_ID}
Resources in Experience Platform can be isolated to specific virtual sandboxes. In requests to Platform APIs, you can specify the name and ID of the sandbox that the operation will take place in. These are optional parameters.
- x-sandbox-name:
{SANDBOX_NAME}
All requests that contain a payload (POST, PUT, PATCH) require an additional media type header:
- Content-Type:
application/json
Configure dataset write permissions dataset-write-permissions
To configure dataset write permissions, go to the Admin Console, locate the product profile attached to your API key, and set the following permissions:
- In the Sandboxes section, select the datastream sandbox.
- In the Data Management section, select the Manage Datasets permission.
Troubleshooting authorization errors troubleshooting-authorization
EXEG-0500-401
This error message is displayed in any of the following situations:
- The
authorization
header value is missing. - The
authorization
header value does not include the requiredBearer
token. - The provided authorization token has an invalid format.
- The datastream requires authentication but the request is missing required headers.
EXEG-0501-401
This error message is displayed in any of the following situations:
- The API call is missing the required
x-user-token
header. - The provided user token has an invalid format.
EXEG-0502-401
EXEG-0503-401
EXEG-0504-401
This error message is displayed in any of the following situations:
- The developer account does not have access to Adobe Experience Platform product context.
- The company account is not yet entitled to Adobe Experinece Platform.
EXEG-0505-401
acp.foundation
IMS scope.EXEG-0506-401
WRITE
access to the Experience Platform sandbox in which the datastream is defined.