Add support for OAuth server-to-server authentication

[charlie-gallagher]

Issue

JWT authentication is deprecated and will only be supported until January 1, 2025. Current integrations using JWT will need to migrate to OAuth Server to Server prior to January 1, 2025.

Source: https://developer.adobe.com/analytics-apis/docs/2.0/guides/#authentication

From what I can see we don't support this yet, and we should make an update to the documentation as well

Expected Resolution

Add support for it (instructions). My company doesn't yet have a OAuth server-to-server API setup, so I can't test this directly yet. @benrwoodard Let me know if you have access to one we can collaborate on this maybe in early 2024?

[charlie-gallagher]

This migration guide might also be useful to include in readme: https://developer.adobe.com/developer-console/docs/guides/authentication/ServerToServerAuthentication/migration/

[benrwoodard]

This has been on my radar for sure. According to the end of life documentation, we need to support the new S2S Oauth before May 1. My limited discovery/ inquiry into it made httr2 vs httr. I would like your thoughts on whether the new features of the httr2 package would lead to faster and more efficient development of the auth functions. It seems to have additional prebuilt support for Oauth and S2S Oauth but I may be missing something.

[hein3r]

Any updates to this issue? I am somewhat dependent on this OAuth-Feature. So it would be very cool, if you guys could provide this.

[benrwoodard]

Hey @hein3r,
I haven't added support for S2S oauth yet but the standard oauth flow is not impacted by this change. The impact is related to the JWT authentication process. That authorization is due to expire in January 2025 according to the documentation.

[hein3r]

Hi @benrwoodard, thanks for the hint. However, I need to eliminate most (preferably all) manual user interaction involved in the authentification process. My hope was, that the S2S-oauth-feature would provide that, maybe by storing the refresh token somewhere indefinitively, once it was manually generated. Also, the authenfiication process is triggered by a script running in a Posit Workbench server instance.

[benrwoodard]

This makes a lot more sense. Thank you for the clarity. So JWT is the way to get that done now. The S2S is going to provide that once we get that added. I'll leave this issue open and keep you posted on the progress.

[jazzyjens25]

Hello Ben, would you be so kind to share your plans for the S2S authorization in adobeanalyticsr here? I have to move to S2S authorization soon for one of my projects that uses your very useful package and would like to manage expectations. Thank you for making my life easier with your work.

[hein3r]

Hi Ben, there are two moth left of JWT support and I am starting to get anxious. Would you be so kind and find the time to let us participate on your thoughts? Is there a chance for S2S-OAuth-Support any time sonn?

If not, I must start right away to find other solutions.

Thanks again.

[benrwoodard]

Hey @hein3r, Thanks for reaching out. I understand the anxiousness for sure. Further took over the project back in July of this year and is the maintainer of the adobeanalyticsr and cjar projects now. I'll see what I can do move the OAuth S2S support along but I no longer have the ability to approve PRs.