Close popover

Table of Contents

Selecting an authentication service

Version:

Build safe mobile apps by selecting an authentication source that matches your security requirements. For example, you can use the default account authentication to effectively build secure apps that users can access with Pega Platform credentials.

Prepare the framework for using an authentication service with your mobile app:
  • Create a mobile channel for your app. For more information, see Setting up mobile apps.
  • Ensure that your Pega Platform instance uses HTTPS and a trusted SSL certificate.

By default, mobile apps use the OAuth 2.0 authorization code grant flow against the Pega Platform authentication service. The configuration of this framework is automatic when you build your app. Alternatively, you can configure Pega Infinity Mobile Client to use the OpenID Connect authorization code flow directly against an external identity provider. For more information, see Configuring direct authentication against an external OIDC server for Pega Infinity Mobile Client.

  1. Open your mobile channel:

    1. In the navigation pane of App Studio, click Channels.

    2. In the Current channel interfaces section, click the tile that represents a mobile channel for your app.

  2. On the mobile channel page, on the Configuration tab, click the Security category.

  3. In the Authentication and security section, select how you want to authenticate users in your mobile app:

    • To allow users to access the app without authentication, select Login not required.
    • To ensure that users sign in to the app with the default authentication service, which uses credentials from the Pega Platform database, select Pega Platform account.
    • To allow users to select an authentication service from a screen that displays all enabled services, select Authentication service selected by the end-user.
    • To ensure that users sign in to the app with only one of the enabled authentication services, select Specific authentication service, and then select the service that you want to use.

    Pega Infinity Mobile Client supports the following types of authentication services:
    • OpenID Connect
    • Security Assertion Markup Language
    • Basic credentials
    For more information about creating custom authentication services, see Creating an authentication service.
  4. Click Save.

  • Increasing mobile app security with time-outs and native locks

    Increase the security of your mobile apps by configuring automatic app locks, and by adding convenient and secure mechanisms to unlock them. For example, you can configure your app to lock after a period of time, and make it unlockable by using a native fingerprint scanner.

  • Making mobile apps available to users

    To use a mobile app that you configure for a Pega Platform application in production, configure an operator role to provide users with access to your mobile app.

  • Configuring an OpenID Connect SSO authentication service

    After you create an OpenID Connect SSO authentication service, configure it so that Pega Platform uses the specified identity provider for authenticating users. You can map claims from the OpenID Connect provider to properties in Pega Platform, and configure optional features such as preauthentication and postauthentication activities and operator provisioning.

  • Configuring a SAML SSO authentication service

    After you create a SAML SSO authentication service, configure it so that Pega Platform uses the specified identity provider for authenticating users. You can map attributes from the identity repository to properties in Pega Platform, and also configure optional features such as preauthentication and postauthentication activities and operator provisioning.

  • Configuring a basic authentication service

    After you create a basic authentication service, configure it so that Pega Platform uses the specified security policies for authenticating users. You can also configure optional features such as preauthentication and postauthentication activities.

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.