Retrieve an authorization token from Adobe via JSON Web Token
Last updated a year ago by macdonst .
Apache-2.0 · Repository · Bugs · Original npm · Tarball · package.json
$ cnpm install @adobe/jwt-auth 
SYNC missed versions from official npm registry.

Version Downloads/week Build Status codecov License Greenkeeper badge Language grade: JavaScript


Retrieve an Adobe bearer token via the JWT path


Instead of every developer who wants to use the JWT Auth flow to retrieve an auth token from Adobe having to write their own implementation of this flow this package is intended to replace this need with one method call.


Instructions for how to download/install the code onto your machine.


npm install @adobe/jwt-auth

Common Usage

Usage instructions for your code.

Promise based example:

const auth = require('@adobe/jwt-auth');

  .then(tokenResponse => console.log(tokenResponse))
  .catch(error => console.log(error));

Async/Await based example:

const auth = require('@adobe/jwt-auth');

let tokenResponse = await auth(config);

or (if you don't care about the other properties in the token response)

const auth = require('@adobe/jwt-auth');

let { access_token } = await auth(config);

Config object

The config object is where you pass in all the required and optional parameters to the auth call.

parameter integration name required type default
clientId API Key (Client ID) true String
technicalAccountId Technical account ID true String
orgId Organization ID true String
clientSecret Client secret true String
privateKey true String
passphrase false String
metaScopes true Comma separated Sting or an Array
ims false String https://ims-na1.adobelogin.com

In order to determine which metaScopes you need to register for you can look them up by product in this handy table.

For instance if you need to be authenticated to call API's for both GDPR and User Management you would look them up and find that they are:

They you would create an array of metaScopes as part of the config object. For instance:

const config = {
  clientId: 'asasdfasf',
  clientSecret: 'aslfjasljf-=asdfalasjdf==asdfa',
  technicalAccountId: 'asdfasdfas@techacct.adobe.com',
  orgId: 'asdfasdfasdf@AdobeOrg',
  metaScopes: [

However, if you omit the IMS url the package will automatically add it for you when making the call to generate the JWT. For example:

const config = {
  clientId: 'asasdfasf',
  clientSecret: 'aslfjasljf-=asdfalasjdf==asdfa',
  technicalAccountId: 'asdfasdfas@techacct.adobe.com',
  orgId: 'asdfasdfasdf@AdobeOrg',
  metaScopes: ['ent_gdpr_sdk', 'ent_user_sdk']

This is the recommended approach.

Response Object

The response object contains three keys:

  • token_type
  • access_token
  • expires_in


const auth = require('@adobe/jwt-auth');
const fs = require('fs');

const config = {
  clientId: 'asasdfasf',
  clientSecret: 'aslfjasljf-=asdfalasjdf==asdfa',
  technicalAccountId: 'asdfasdfas@techacct.adobe.com',
  orgId: 'asdfasdfasdf@AdobeOrg',
  metaScopes: ['ent_dataservices_sdk']
config.privateKey = fs.readFileSync('private.key');

  .then(token => console.log(token))
  .catch(error => console.log(error));


Contributions are welcomed! Read the Contributing Guide for more information.


This project is licensed under the Apache V2 License. See LICENSE for more information.

Current Tags

  • 0.3.1                                ...           latest (a year ago)

9 Versions

  • 0.3.1                                ...           a year ago
  • 0.3.0                                ...           a year ago
  • 0.2.0                                ...           a year ago
  • 0.1.0                                ...           2 years ago
  • 0.0.5                                ...           2 years ago
  • 0.0.4                                ...           2 years ago
  • 0.0.3                                ...           2 years ago
  • 0.0.2                                ...           2 years ago
  • 0.0.1                                ...           2 years ago

Copyright 2014 - 2016 © taobao.org |