Authentication Guide
Learn how to integrate with Adobe products and services in your application securely. The following guide is a technical reference for the Adobe-supported authentication types available to your application.
Overview
Adobe is committed to the privacy and security of our users and their data. Therefore, understanding various authentication and authorization mechanisms is uniquely important for a developer integrating with Adobe products and services.
Depending on the Adobe product or service you are integrating into your app, you may be required to use one or more of the authentication types listed below. Each authentication type has different credential types supporting different platforms (web, mobile, desktop, etc.).
User authentication
If your application needs to read or modify the data owned by an Adobe end-user, it can do so using a user authentication credential. However, before your application can view or edit the user's data, the user must provide explicit consent to your application.
View our guide on user authentication credentials -
- Understanding OAuth 2.0 authorization_code grant flow (3-legged OAuth)
- Learning about the different user authentication credential types
- Understanding default redirect URI and redirect URI pattern
- Implementing user authentication using standard OAuth2 libraries
Server to server authentication
If your application needs to read or modify data owned by your application or your organization, you can use a server to server authentication credential. Server to server authentication credentials only allow you to access your application's data or your organization's data and, therefore, do not require an end user to sign in.
View our guide on server to server authentication credentials -
- Understanding server to server credentials
- Learning about the different Server to server authentication credential types
- Setting up the credential - credential name, product profiles
- Implementing server to server authentication using standard OAuth2 libraries
- Rotating client secrets programmatically
The Service Account (JWT) credentials have been deprecated in favor of the OAuth Server-to-Server credentials. Your applications using the Service Account (JWT) credentials will stop working after Jan 27, 2025. You must migrate to the new credential by Jan 27, 2025, to ensure your application continues functioning.
API key authentication
If your application needs to integrate with an Adobe offering that supports unauthenticated workflows (ones that do not require access tokens), you can do so by using an API key credential. The API key credential identifies your application to Adobe servers and can help accept or reject requests originating from certain domains that you configure during credential setup.
View our guide on API key credentials -