Authorization

Follow this guide to create a new Adobe Experience Platform credential that will allow Nexla to authenticate to and exchange data with your Adobe Experience Platform organization.

Adobe Experience Platform

Prerequisites

Before creating an Adobe Experience Platform credential in Nexla, you must set up an OAuth Server-to-Server integration in the Adobe Developer Console. Adobe Experience Platform uses OAuth 2.0 Server-to-Server authentication for all API access — the previously supported JWT authentication method has been deprecated as of June 30, 2025, and all integrations must use OAuth Server-to-Server credentials.

Required Access

Your Adobe account must have developer and user permissions for an Experience Platform product profile. If your account does not yet have developer access, a system administrator can grant it through the Adobe Admin Console.

To grant developer access (Adobe Admin Console):

1. Sign in to the Adobe Admin Console with your administrator Adobe ID.

2. Navigate to Products and select Adobe Experience Platform.

3. From the Product Profiles tab, select the appropriate product profile (e.g., AEP-Default-All-Users).

4. Select the Developers tab, then click Add Developer.

5. Enter the developer's email address or username, and click Save.

Create an OAuth Server-to-Server Integration

Once developer access is confirmed, create an integration project in the Adobe Developer Console to obtain the credentials needed for Nexla.

1. Navigate to the Adobe Developer Console and sign in with your Adobe ID.

2. Click Create new project on the Projects overview page. Alternatively, select an existing project if you want to add Experience Platform API access to it.

3. On the Project Overview screen, click Add API.

4. In the API catalog, select the product icon for Adobe Experience Platform, then choose Experience Platform API and click Next.

5. On the authentication configuration screen, select OAuth Server-to-Server as the credential type and click Next.

6. Select the appropriate product profile (e.g., AEP-Default-All-Users) and click Save Configured API.

   The product profile you select determines what data and operations are accessible via the API. Contact your Adobe Experience Platform administrator to confirm which product profile grants the level of access required for your Nexla integration.

7. After saving, navigate to Credentials > OAuth Server-to-Server in the left panel of your project. Here you will find the following values needed for the Nexla credential:

   • Client ID — the public identifier for your integration
   • Client Secret — the private secret used to generate access tokens (click Retrieve Client Secret to reveal it)
   • Organization ID — your Adobe IMS Organization ID, also shown as IMS Org ID
   Important

   Copy the Client Secret immediately after retrieving it and store it securely. Treat this value like a password — it grants access to your Adobe Experience Platform organization.

8. Note your Sandbox Name. By default, Adobe Experience Platform provides a production sandbox and one or more development sandboxes. Each API request is scoped to a specific sandbox. You can find your available sandboxes by navigating to Data Management > Sandboxes in the Experience Platform UI, or by querying the Sandboxes API.

   For production workloads, use the prod sandbox. For development and testing, Adobe recommends using a dedicated development sandbox to avoid affecting production data.

For complete information about setting up OAuth Server-to-Server authentication, see the Adobe Experience Platform API Authentication guide.

Create an Adobe Experience Platform Credential

• To create a new Adobe Experience Platform credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

Credential Name & Description

1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

   Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

OAuth Server-to-Server Authentication

Adobe Experience Platform uses OAuth 2.0 Server-to-Server authentication. Nexla uses your Client ID, Client Secret, and Organization ID to request short-lived access tokens automatically — you do not need to generate or manage access tokens manually.

2. Enter your Client ID in the Client ID field. This value is displayed on the OAuth Server-to-Server credentials page in your Adobe Developer Console project.

3. Enter your Client Secret in the Client Secret field. This value is available by clicking Retrieve Client Secret on the OAuth Server-to-Server credentials page in your Adobe Developer Console project. Store this value securely, as it cannot be retrieved again after leaving the page.

4. Enter your Organization ID in the Organization ID (or IMS Org ID) field. This is your Adobe IMS Organization ID, displayed on the OAuth Server-to-Server credentials page and also visible in the top-right corner of the Experience Platform UI.

5. Enter the name of the Adobe Experience Platform sandbox you want to access in the Sandbox Name field. Use prod for the production sandbox or the name of a development sandbox (e.g., dev or your custom sandbox name).

   All Experience Platform API requests are scoped to a specific sandbox. If you need to access data from multiple sandboxes, create a separate Nexla credential for each sandbox.

Save the Credential

1. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

2. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.