LSA UI/UX: DX API - Security
How to handle URL tampering? Is there something Pega does automatically?
The URL will be completely different in Cosmos React. The REST API will also be protected to NOT allow remote code execution.
I saw that DX API starter pack serves only Basic authentication.
Yes – there is no plan to add other types of authentication in these starter packs.
I saw that DX API starter pack serves only Basic authentication. Is there any way for us to make it work with SSO?
Yes – you can change how the authentication is handled
Do we have to use reverse proxy to mitigate same origin web page restriction?
No – the UI service should run in the same domain
Will there be a way for changing the security of the DX API OOTB? Nowadays, we have to specialize the services in a separate service package, maybe an option to have OAuth 2.0 / JWT OOTB?
Service packages support different types of authentication like OAuth or JWT token - this feature has been available for several years - https://community.pega.com/knowledgebase/articles/data-integration/accessing-pega-api-using-oauth-20