Adobe Analytics supports AUTHORIZATION_CODE grant type for
OAuth2.
This grant type is considered “three-legged” OAuth as it relies on
redirecting users to the third-party authorization server to authenticate the user.
Users may opt to create their own connected app in Adobe Analytics and provide their own
client ID and client secret when creating connections through the AWS Glue console. In this
scenario, they will still be redirected to Adobe Analytics to login and authorize AWS Glue
to access their resources.
This grant type results in a refresh token and access token. The access token is short lived, and may be refreshed automatically without user interaction using the refresh token.
For public Adobe Analytics documentation on creating a connected app for AUTHORIZATION_CODE OAuth flow, see
Adobe Analytics APIs
To configure a Adobe Analytics connection:
-
In AWS Secrets Manager, create a secret with the following details:
For customer managed connected app – Secret should contain the connected app Consumer Secret with
USER_MANAGED_CLIENT_APPLICATION_CLIENT_SECRETas key.Note
It is a must to create a secret per connection in AWS Glue.
-
In AWS Glue Studio, create a connection under Data Connections by following the steps below:
-
When selecting a Connection type, select Adobe Analytics.
-
Provide the
x_api_key, instanceUrlof the Adobe Analytics you want to connect to. -
Select the IAM role for which AWS Glue can assume and has permissions for following actions:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "secretsmanager:PutSecretValue", "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterface", "ec2:DeleteNetworkInterface", ], "Resource": "*" } ] } -
Select the
secretNamewhich you want to use for this connection in AWS Glue to put the tokens. -
Select the network options if you want to use your network.
-
-
Grant the IAM role associated with your AWS Glue job permission to read
secretName.
