How to make Service-REST authenticated using external JWT
Planning to use access_token (Bearer jwt) for user identification and the JWT comes from external system as part of service request/authorization header. Presently, service isn't configured with authentication and simply taking jwt as part of request header and validating it . since service is unauthenticated we are getting couple of issues around executing authentication activities ..
Decided to make the service authenticated but it's asking userName and password to run it , Do we really need to pass pega operator id and pwd in order to execute the service ?
Pegasystems Inc.
IN
To run from Service-REST rule, either you can use current logged in user context OR you can give different user ID and password. For your use case, you can test using tools like postman and pass the JWT token as header.
Thanks.
Skandiabanken
SE
I'm not sure how to pass the external jwt (access token ) to Authentication service . Any mapping needs to be done in AuthenticationService ?
I tried to pass it like below from soap UI but it didn't work .
I see Authorization parameter is blank , seems we need to make mapping configuration in authentication service and i have no clue how to make it .
| pxObjClass | Code-Pega-List |
| pyNewMessage | {"errors":[{"ID":"invalid_authorization_header","message":"Invalid Authentication Data."}]} |
| pyDESC | 400 |
| pzStatus | false |
| message_1 | pyDESC: (Code-Pega-List)InvalidTrueFalseValue 400 |