Controlling access to and from external applications
You can configure Pega Platform to access external systems to retrieve data and perform application processing. Similarly, you can allow external systems to access services in Pega Platform. By communicating with external systems, you can make use of functionality that has already been configured, and avoid the need to duplicate the same functions in multiple applications.
The following topics describe the authentication features of Pega Platform. For information about the topology of relationships with external systems, see Integrating your application with external resources.
- Creating an authentication profile
Create an authentication profile to move messages securely to and from your application with a variety of connector and server rules.
- Setting up an OAuth 1.0 client
Configure an OAuth 1.0 client data instance to allow an external application to access Pega Platform by using OAuth 1.0.
- Configuring an OAuth 1.0a authentication profile
Configure an OAuth 1.0a authentication profile so that messages are sent to and from your application by using OAuth 1.0. To learn how to obtain the values that are needed for the fields on this tab, consult the API guide of the external application to connect to.
- Setting up an OAuth 2.0 client registration
Configure an OAuth 2.0 client registration data instance to allow an external application or mobile native application to access Pega Platform REST services over HTTPS.
- Creating and configuring an OAuth 2.0 provider
To enable your application to securely access an external application over HTTPS, create an OAuth 2.0 provider data instance.
- Creating an identity mapping data instance
If you use OAuth 2.0 Client Registration instances that authenticate users through a SAML 2.0 Assertion, JSON Web Token, or custom source, you need to specify how the Pega server identifies an operator and how to map the user identity information for use in the Pega application.