Enabling data synchronization with OAuth 2.0 tokens

You can configure Pega Platform to support the OAuth 2.0 tokens, which are used to authorize data synchronization requests sent from the Client Store module in Pega Mobile Client. By default, tokens are passed to the OAuth 2.0 server for remote validation. You can configure Pega Platform to validate the tokens locally. To use the local token validation mode, you must define and configure the local token validation profile.

Note: Make sure that you have the OAuth 2.0 server configured to use the Resource Owner Password Credentials grant type.

Create the following Dynamic System Settings to enable OAuth 2.0 token support:

• OAuth2/token_url - A URL of the OAuth 2.0 server, used by the Pega Mobile Client to obtain tokens.

• OAuth2/client_secret - A setting used to pass the client_secret credential.

• OAuth2/client_id - A setting used to pass the client_id credential.

• OAuth2/tokeninfo_url - A URL of the OAuth 2.0 server, used by Pega Platform to validate tokens. If you plan to use the local token validation mode, you can ignore the last Dynamic System Setting.

Creating Dynamic System Settings

1. In Designer Studio, click Create > SysAdmin > Dynamic System Settings.
2. In the Short description field, enter a name of the setting, for example OAuth2/token_url.
   
3. In the Owning Ruleset field, enter the name of the ruleset: Pega-AppDefinition.
4. In the Setting Purpose field, enter the same value as in the Short description field.
5. Click Create and open.

Repeat this procedure for all the required Dynamic System Settings.

Enabling local token validation

1. In Designer Studio, enter pyOfflineOAuth2LocalTokenValidation into the search text field and press Enter.
2. In the list of results, click the .pyOfflineOAuth2LocalTokenValidation Declare Expression.
3. Change the Boolean value to true.
4. Click Save as > Specialize by class or ruleset.
5. In the Add to ruleset field, select the ruleset of your application.
6. Click Create and open.

Configuring Pega Platform to validate OAuth 2.0 tokens locally

1. In Designer Studio, enter pyOfflineOAuth2LocalTokenValidationProfile into the search text field and press Enter.
2. In the list of results, click the .pyOfflineOAuth2LocalTokenValidationProfile Declare Expression.
3. Set the declare expression's value by entering a name of the token validation profile, for example, jwtOAuth2DefaultValidationProfile.
4. Click Save as > Specialize by class or ruleset.
5. In the Add to ruleset field, select the ruleset of your application.
6. Click Create and open.
7. Create a processing JSON web token profile, using the name that you defined in step 3 above.

Open topic with navigation