Configuring user authentication with OAuth 2.0 tokens with Pega Mobile Client

You can configure Pega Platform to support user authentication against an external OAuth 2.0 server with Pega Mobile Client. In this scenario, Pega Mobile Client does not send user credentials to Pega Platform. Instead, Pega Mobile Client sends the credentials to the OAuth 2.0 server for validation. The OAuth 2.0 server returns an access token, which is then used to connect to Pega Platform.

Before you begin: Make sure that you have a working instance of the OAuth 2.0 authorization server that is configured to use the Resource Owner Password Credentials grant type.

To configure user authentication with OAuth 2.0 tokens, perform the following tasks:

  1. Create Dynamic System Settings.
  2. Create a custom authentication service.
  3. Create a keystore.
  4. Configure the service package.
  5. Create operator instances.
  6. Set an alternative server URL.
  7. Build a custom mobile app.
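
The token exchange described at the top of this page, as an added example that is not Pega code: it builds the Resource Owner Password Credentials request defined in RFC 6749 section 4.3.2, validates the token response, and shows that only the token goes to the platform. The endpoint URL, the client_id value, the sample credentials and the use of an RFC 6750 bearer header are assumptions; the page does not specify them.

```python
import json
from urllib.parse import urlencode

# Assumed placeholder; use the token endpoint of your own authorization server.
TOKEN_ENDPOINT = "https://auth.example.com/oauth2/token"


def build_token_request(username, password, client_id, scope=None):
    """Form-encoded body of a password-grant token request (RFC 6749, 4.3.2).

    This body is sent to the OAuth 2.0 server only, and only over TLS.
    """
    params = {"grant_type": "password", "username": username,
              "password": password, "client_id": client_id}
    if scope:
        params["scope"] = scope
    return urlencode(params)  # percent-encodes '&', '=', spaces in credentials


def parse_token_response(status, body):
    """Return the access token from a token response, or raise ValueError."""
    try:
        doc = json.loads(body)
    except json.JSONDecodeError as exc:
        raise ValueError("token response is not JSON") from exc
    if not isinstance(doc, dict):
        raise ValueError("token response is not a JSON object")
    if status != 200 or "error" in doc:
        raise ValueError("token request rejected: %s" % doc.get("error", status))
    if str(doc.get("token_type", "")).lower() != "bearer":
        raise ValueError("unsupported token_type")
    token = doc.get("access_token")
    if not isinstance(token, str) or not token:
        raise ValueError("missing access_token")
    return token


def platform_headers(token):
    """Headers for the later platform call: the token, never the credentials.

    Assumption: the token travels as an RFC 6750 bearer header.
    """
    return {"Authorization": "Bearer " + token}


if __name__ == "__main__":
    # Constructed sample values, not real credentials or tokens.
    print("POST", TOKEN_ENDPOINT)
    print(build_token_request("jsmith", "constructed-password", "mobile-app"))
    ok = '{"access_token":"constructed-token","token_type":"Bearer","expires_in":3600}'
    print(platform_headers(parse_token_response(200, ok)))
```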