Request a JWT for Experience Edge XM

Experience Edge for XM provides APIs that help you administer your Edge tenant and provide access to your content.

The following APIs are available:

  • Delivery API - GraphQL API that provides access to your published content.

  • Token API - REST API that enables you to manage the API keys used to access the Delivery API.

  • Admin API - REST API that enables you to administer your Edge tenant.

To run any operation on the Delivery API, you need to generate an Edge token. There are several ways to do this, you can:

To run any operation on the Token API or Admin API:

  • Request a JSON Web Token (JWT) and include it in every call to the API.

Before you begin

Before you can request a JWT, you need to create client credentials consisting of a client ID and client secret. The credentials type depends on the level of access you want to grant.

Request a JWT

To request a JWT for Experience Edge XM:

  • Make a POST request to https://auth.sitecorecloud.io/oauth/token, and include the following properties:

    Name

    Value

    audience

    https://api.sitecorecloud.io

    grant_type

    client_credentials

    client_id

    The client ID of your Edge administration or automation client.

    client_secret

    The client secret of your Edge administration or automation client.

If your request is successful, you receive the access_token, scope, expires_in, and token_type values. The scope depends on the type of credentials you created.

Use the access token value to generate an Edge token using the XM Cloud Deploy REST API or the Token API or to authorize requests to the Admin API.

Important

Pay attention to the expires_in property of the response because JWTs typically expire in 24 hours. After that time, the token is invalid and you must request a new token.

Example

For the following cURL example, the data is encoded as form data. Therefore the POST request includes the Content-Type request header with the value application/x-www-form-urlencoded :

RequestResponse
curl --request POST --url "https://auth.sitecorecloud.io/oauth/token" --header "content-type: application/x-www-form-urlencoded" --data audience=https://api.sitecorecloud.io --data grant_type=client_credentials --data client_id=<your-client-id> --data client_secret=<your-client-secret>

The endpoint accepts other content-type headers, such as application/json.

The request returns the following response:

RequestResponse
{
    "access_token": "eyJhbGciOiJSUzI1NiI...",
    "scope": "xmclouddeploy.organizations:manage xmclouddeploy.projects:manage xmclouddeploy.environments:manage...",
    "expires_in": 86400,
    "token_type": "Bearer"
}

Do you have some feedback for us?

If you have suggestions for improving this article,