Discussion
Pegasystems Inc.
JP
Last activity: 12 Sep 2024 5:24 EDT
How to build SSO with OIDC (OpenID Connect)
Hi,
Though SAML is still widely used, OIDC (OpenID Connect) is rapidly growing in popularity and more and more Pega customers are adopting OIDC for Single Sign On. In this post, I will share how to build OIDC SSO using Okta, Keycloak and Google as OP (OpenID Provider). The tutorials attached include the following contents.
1. Okta (Cloud)
   1. Set up Okta
      1-1. Create an application
      1-2. Add person
   2. Configure Pega Platform
   3. Mapping claims
      3-1. JWT (ID Token)
      3-2. UserInfo
2. Keycloak (On-Premise)
   1. Set up Keycloak
      1-1. Install JDK
      1-2. Install Keycloak
      1-3. Create an admin user
      1-4. Create a realm
      1-5. Create a user
      1-6. Set up clients
   2. Configure Pega Platform
   3. Mapping claims
      3-1. Keycloak out-of-the-box attributes
      3-2. Custom attributes
3. Google (Cloud)
   1. Set up Google
      1-1. Create a project
      1-2. Configure OAuth consent screen
      1-3. Create OAuth client
   2. Configure Pega Platform
   3. Network consideration
      3-1. Pega Cloud
      3-2. Registering domain for your local PC
   4. Mapping claims
Hope this helps.
Thanks,