Do the APIs enable CORS for the JSON or for renditions? Would you need OAuth to access image data?
Jane created an application at her site janesplace.com. In her cloud document (her XD project) she has images or image assets and wants to show them on her site.
When visiting her page she uses the Cloud API to get the XD project JSON and displays the images or image assets listed in the JSON data in her own project.
The urls in her images are as so:
<img src="adobecloud.com/documents/?id=123.xd&asset=123.png" width="100" height="100"/>
If she marks the project private then you could request a OAuth key or if she marks the project public the JSON would be available across site.
IIRC or incorrectly, sites in the past and possibly present allow pages to retrieve remote images others don’t and somewhere in-between is CORS providing some solutions.