# Migrate from JWT to OAuth V2 (Server-to-Server)

## JWT is going out of business, and you need to migrate

JWT API Credentials will no longer be supported after Januar 27 2025. Starting June 3, you can no longer create new JWT credentials, only OAuth V2 (Server-to-Server). See [Adobe's deprecation timeline and more details here](https://developer.adobe.com/developer-console/docs/guides/authentication/ServerToServerAuthentication/migration/#deprecation-timelines). 

The Component Manager will support JWT credentials as long as Adobe does (Jan 27, 2025), so you don't need to change to OAuth right away. 

If your Component Manager account previously had JWT credentials, you need to eventually migrate them to OAuth V2. This guide shows you how to do that:

1. Go to [developer.adobe.com -> Projects](https://developer.adobe.com/console/projects/) and open your Component Manager Project
2. Click on **"Go to credential"** in the blue popup (or click on "Service Account (JWT)" below). 

<figure><img src="https://1078995354-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MboPawbBXUHMz6mjuP9%2Fuploads%2Fn24ftpfzSJU5snQ6X3KR%2Fimage.png?alt=media&#x26;token=3c3a7241-2bb4-4074-b5b9-29a401e56ba7" alt=""><figcaption></figcaption></figure>

3. Click on "Add new credential":

<figure><img src="https://1078995354-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MboPawbBXUHMz6mjuP9%2Fuploads%2Fuu2F61uO81orSQyl2EkW%2Fimage.png?alt=media&#x26;token=095fe84c-60a2-4522-b94a-31e01220f1eb" alt=""><figcaption></figcaption></figure>

4. After confirming, you should see "Step completed" in green. Click on "OAuth Server-to-Server" on the left side.

<figure><img src="https://1078995354-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MboPawbBXUHMz6mjuP9%2Fuploads%2For30Xx7NR0MncusKiliq%2Fimage.png?alt=media&#x26;token=8251fa49-3664-4c49-a4f8-6a7fcb43ee13" alt=""><figcaption></figcaption></figure>

5. Scroll down to review your new OAuth V2 credential. Note that Client ID, Secret, Tech ID, Tech E-Mail and Org ID stay the same as with JWT! The only new thing are the **Scopes** and the Credential Name. For our migration, we only need the **Scopes.**

<figure><img src="https://1078995354-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MboPawbBXUHMz6mjuP9%2Fuploads%2F1dDVy88p7yZoGEWcSf2E%2Fimage.png?alt=media&#x26;token=648a90b6-ed85-47bb-a983-9a8a879ded2d" alt=""><figcaption></figcaption></figure>

6. Now go to your Component Manager Google Sheet and click on Extensions -> AA Component Manger -> Setup

<figure><img src="https://1078995354-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MboPawbBXUHMz6mjuP9%2Fuploads%2F7cnB12iRoWZsyivcxyD7%2Fimage.png?alt=media&#x26;token=f6a039b7-b54e-47b7-b55f-a6130b4e8212" alt=""><figcaption></figcaption></figure>

7. The first question is now for the Scopes. Copy the Scopes from the Credential Details page shown under point 5 above and paste them:

<figure><img src="https://1078995354-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MboPawbBXUHMz6mjuP9%2Fuploads%2FIdiE52BTCWdnJsGVmhXX%2Fimage.png?alt=media&#x26;token=7999d53c-bbc9-4280-a591-fde5cc5fbfb9" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
If you do not provide Scopes, the Component Manager assumes you are still on JWT and will ask for JWT-related credentials like Tech ID and Private Key.
{% endhint %}

8. You can **then click OK for all the next steps** because neither your Client ID, Secret nor Org ID should have changed. You won't be asked for the **Tech ID and Private Key**, because they are **not needed for OAuth V2.**

<figure><img src="https://1078995354-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MboPawbBXUHMz6mjuP9%2Fuploads%2FgCOwzd0N7dmn5sIwClsL%2Fimage.png?alt=media&#x26;token=df9ec517-efab-45de-b4e6-b3f89b73410b" alt=""><figcaption></figcaption></figure>

9. With JWT, you needed the credentials plus the private key to do anything. For OAuth V2, Scopes, Client ID, Org ID and the Secret are enough. That is why we no longer store the **Client Secret** in the sheet's "config" tab, as that would give anyone with access to the sheet all the credentials to query your Adobe Analytics API:

<figure><img src="https://1078995354-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MboPawbBXUHMz6mjuP9%2Fuploads%2FJeais9hIHcWRBnNDGR9d%2Fimage.png?alt=media&#x26;token=22d9c462-fd54-45dc-8716-791b9012e698" alt=""><figcaption></figcaption></figure>

After going through the rest of the setup as usual, you should finally receive a success message on the bottom right when everything has been completed.

You should now also see your scopes at the bottom of the "Other Settings" columns:

<figure><img src="https://1078995354-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MboPawbBXUHMz6mjuP9%2Fuploads%2FW9W9DyVYRG7gh8ZjG8Um%2Fimage.png?alt=media&#x26;token=5a9c4972-e50a-4fba-bdb2-744b777efefd" alt=""><figcaption></figcaption></figure>

10. We recommend you go to the Developer Project page now and delete the JWT credentials to avoid confusion later (and all those reminder e-mails from Adobe 😆).

<figure><img src="https://1078995354-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MboPawbBXUHMz6mjuP9%2Fuploads%2FxDHU18LZI7wTl2vhgArO%2Fimage.png?alt=media&#x26;token=1c1440d5-0f6a-4e16-b4e7-263ef7b74c87" alt=""><figcaption></figcaption></figure>

## Struggling? Found a bug?

Please don't hesitate to reach out to us [via our Contact options](https://docs.datacroft.de/contact) or via component-manager\[at]datacroft.de.