Configuring SSO login authentication with a SAML identity provider
After you create a SAML SSO authentication service, configure it so that Pega Platform uses the specified identity provider for authenticating users. You can map attributes from the identity repository to properties in Pega Platform, and also configure optional features such as preauthentication and postauthentication activities and operator provisioning.
Create a SAML SSO authentication service, or open an existing service from the navigation panel in Dev Studio by clicking and selecting a SAML SSO authentication service from the instance list.
In the Authentication service alias field, specify an alias to represent a unique value for this service. This value becomes the final part of the URL path for users to access Pega Platform.
Login URL is a read-only field that displays the URL that accesses Pega Platform and uses this service for user authentication.
In the Provider logo field, specify an image to display on the login screen that identifies this provider.
Configure the optional parameters of the service.
- Specifying preauthentication and postauthentication activities for a SAML SSO authentication service
- Requiring reauthentication for new and expired sessions for a SAML SSO authentication service
- Configuring operator provisioning for a SAML SSO authentication service
- Overriding the service provider settings for a SAML SSO authentication service
- Enforcing policies from the Security Policies landing page
- Updating an expired IDP certificate in a SAML Authentication Service
- Updating an expired Service Provider certificate in a SAML Authentication Service
- Authentication services
To override or extend the default authentication process, create and configure an authentication service.
- More about authentication services
This page describes additional topics relevant to authentication services that are not directly referenced on the rule form.