The Edge Network Server API handles both authenticated and unauthenticated data collection, depending on the source of events and the API collection domain.
For each request, the Server API verifies the datastream access type setting. Using this setting, customers can configure a datastream to accept either authenticated data, or both authenticated and unauthenticated data. By default, both types of data are accepted.
For details on configuring the datastream access type, see the documentation on how to create and configure a datastream.
Below is a summary of the behavior, based on the datastream Access Type configuration and the endpoint on which the request is received.
Access Type | edge.adobedc.net | server.adobedc.net |
---|---|---|
mixed (default) | Does not authenticate request | Authenticates request |
authenticated | Authenticates request | Authenticates request |
API calls coming from a private server on server.adobedc.net
should always be authenticated.
Before you can make calls to the Server API, make sure you meet the following prerequisites:
developer
and user
roles enabled for the Adobe Experience Platform API product profile. Contact your Admin Console administrator to enable these roles for your account.In order to make calls to Platform APIs, you must first complete the authentication tutorial. Completing the authentication tutorial provides the values for each of the required headers in all Experience Platform API calls, as shown below:
{ACCESS_TOKEN}
{API_KEY}
{ORG_ID}
Resources in Experience Platform can be isolated to specific virtual sandboxes. In requests to Platform APIs, you can specify the name and ID of the sandbox that the operation will take place in. These are optional parameters.
{SANDBOX_NAME}
For more information on sandboxes in Experience Platform, see the sandbox overview documentation.
All requests that contain a payload (POST, PUT, PATCH) require an additional media type header:
application/json
To configure dataset write permissions, go to the Admin Console, locate the product profile attached to your API key, and set the following permissions:
Error code | Error message | Description |
---|---|---|
EXEG-0500-401 |
Invalid authorization token | This error message is displayed in any of the following situations:
|
EXEG-0501-401 |
Invalid user authorization token | This error message is displayed in any of the following situations:
|
EXEG-0502-401 |
Invalid authorization token | This error message is displayed when the provided authorization token has a valid format (JWT), but its signature is invalid. Check the authentication tutorial to learn how to get a valid JWT token. |
EXEG-0503-401 |
Invalid authorization token | This error message is displayed when the provided authorization token is expired. Go through the authentication tutorial to generate a new token. |
EXEG-0504-401 |
Required product context is missing | This error message is displayed in any of the following situations:
|
EXEG-0505-401 |
Required authorization token scope is missing | This error applies only to service account authentication. The error message is displayed when the service authorization token included in the call belongs to a service account which does not have access to the acp.foundation IMS scope. |
EXEG-0506-401 |
Sandbox not accessible for write | This error message is displayed when the developer account does not have WRITE access to the Experience Platform sandbox in which the datastream is defined. |