Mapping operator information for an OpenID Connect SSO authentication service
You can map attributes obtained from the UserInfo provider to selected properties and pages used by your preauthentication and postauthentication activities or by other Pega Platform features such as access control policies. Mapping complements the use of preauthentication and postauthentication activities, operator provisioning by data transform, authentication against an external repository, and other actions.
Open the service from the navigation panel in Dev Studio by clickingand choosing a service from the instance list.
Click the Mapping tab.
Map the attributes from your login process to properties and pages that are used by your preauthentication and postauthentication activities or elsewhere in Pega Platform.
You can use the following properties and pages in the Map from field. You can also reference custom properties and pages that are used in a login flow, and you can use the Expression Builder.
Page name Description pxRequestor The requestor page
You can use the following properties and pages in the Map to field. You can also reference custom properties and pages that are used in a login flow.
Page name Description OperatorID Properties of the operator ID D_pyOperatorAttributes Requestor-scoped data page for caching operator attributes D_pyOperatorDeviceInformation Requestor-scoped data page for caching operator device information
You can also use the following properties and pages in the Map from field for an OpenID Connect authentication service.
Page name Description D_pyUserInfoClaims The OIDC claim.
- Authentication services
To override or extend the default authentication process, create and configure an authentication service.
- More about authentication services
This page describes additional topics relevant to authentication services that are not directly referenced on the rule form.
- Configuring an OpenID Connect SSO authentication service
After you create an OpenID Connect SSO authentication service, configure it so that Pega Platform uses the specified identity provider for authenticating users. You can map claims from the OpenID Connect provider to properties in Pega Platform, and configure optional features such as preauthentication and postauthentication activities and operator provisioning.
- Expression Builder