LinkedIn
Copied!

Table of Contents

Testing login authentication services

Version:

Only available versions of this content are shown in the dropdown

You can test and debug an authentication service in a development or staging environment by setting the appropriate log level.

  1. Set the logger to debug. For performance and security reasons, do not use this setting in a production environment.

    • For a SAML authentication service, the logger is com.pega.pegarules.integration.engine.internal.util.PRSAMLv2Utils.
    • For an OIDC authentication service, the loggers are:
      • com.pega.pegarules.integration.engine.internal.auth.oidc.NimbusOIDCClientHandler
      • com.pega.pegarules.integration.engine.internal.auth.oidc.OIDCClientHandler
  2. Optional:

    For an OIDC authentication service, get the claim values by using remote tracing.

    1. Open a browser window to the application login screen and proceed to the login screen for your identity provider. Do not log in yet.

    2. In a separate browser window for Dev Studio, do the following steps:

      1. In the developer toolbar, click Tracer.
      2. From the Tracer dialog, click Settings, and under Pages to Trace, enter D_pzSSOAttributes. Click Add, and then click OK.
      3. From the Tracer dialog, click Remote Tracer, select the ID of the unauthenticated requestor, and click OK.
  3. Attempt to log in by authenticating with the identity provider.

  4. Examine the console log by clicking Configure System Operations Logs Log files and selecting the Pega log.

  5. Use a third-party tool to decode the Base64-encoded assertion from the log.

Did you find this content helpful?

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.