Defining processing and authentication for service packages
Complete the Context tab to indicate whether stateful or stateless processing applies to this package, and to identify an access group for listeners and requestors.
From the Processing mode list, select the processing method for the services included in the service package: if the services in this package can be run by any requestor in a pool of requestors, without regard to processing that the requestor performed earlier.
Choose this value carefully. Using requestor session pooling might improve performance if a high volume of uniform requests arrive, even when authentication is required.
- If the services in this package can be run by any requestor in a pool of
requestors, without regard to processing that the requestor performed earlier, select
Select Stateless to perform a simple calculation from inputs. The service request arrives, your activity performs a calculation, and then sends the response.
- To maintain a clipboard across second and subsequent service requests, select Stateful.
- If the services in this package can be run by any requestor in a pool of requestors, without regard to processing that the requestor performed earlier, select Stateless.
In the Service access group field, enter the access group for the service package.This access group is used during rule resolution to find the correct service rule at run time.
For more information, see Service package access group.
If the service request requires authentication, select Requires authentication.When you select this option, the system expects Pega Platform operator ID and password values in the arriving request message.
For more information about where to configure the password for authentication, see Service package access group.
From the Authentication type list, select the type of authentication to use.
- Basic: Select for HTTP-based services such as REST, HTTP, SOAP, and SAP. The system expects Pega Platform operator ID and password values in the arriving request message.
- OAuth 2.0: Select this option only for REST services for access that uses open authorization.
- Custom: Select to provide an authentication service.
If you are using LDAP authentication, select an authentication service (a Data-Admin-AuthService instance) when the service type is SOAP (Rule-Service-SOAP) or HTTP (Rule-Service-HTTP), SAP (Rule-Service-SAP, or REST (Rule-Service-REST).Authentication service is required only for custom authentication, including LDAP and SAML 2.0 authentication. You can also use HTTP Basic for user authentication, or, in the case of HTTP Service you can provide the HTTP headers UserIdentifier and Password for user authentication instead of basic authentication.
Complete the following steps for the authentication type you selected in step 4.
Authentication type Action Basic
If you want to use TLS/SSL for service REST rules that belong to this service package, select Require TLS/SSL for REST services in this package.When you select this check box, all invocations of REST services belonging to this service package must use TLS/SSL, which uses the HTTPS protocol. If REST services are invoked by using HTTP, a code 403 status is returned with a warning.
OAuth 2.0 No further steps are required. See step 6. Custom In the Authentication Service field, select an authentication service.
Select Suppress Show-HTML to skip any activity step that calls the Show-HTML method in the service activities that execute through service rules that reference this service package instance.By selecting this option, you reuse or share an activity that supports both interactive users and services.
Select Treat REST request without Content-Type as binary data to allow the system to treat the request as binary data if a content type is not provided in the request.This option is displayed if you select Rule-Service-REST as the service type in the Methods section.
- Service package access group
Learn about the differences between configuring a service package access group for an authenticated user and unauthenticated user. Review the following information so you can decide which configuration applies to your business needs before completing the Context tab of your service package.
ArticleService REST monitoring
ArticleCreating a service package