Best practice to configure web layer (reverse proxy) with SSO when using OAuth | Support Center

Contact a Moderator
Back to top

Question

MingEeL4

Member since 2017

SWIFT

Posted: Sep 23, 2024

Last activity: Oct 7, 2024

Posted: 23 Sep 2024 0:27 EDT
Last activity: 7 Oct 2024 16:05 EDT

Best practice to configure web layer (reverse proxy) with SSO when using OAuth

Report

Hi,

I have a pega app that had setup with SSO.

Recently, there was development to display cases with OAuth.

The case page display wrongly the first time after user login.

The case page only display correctly after user open the same URL again.

The cookies when display wrong page.

Pega-AAT = Pega-AAT=%7Bapp%7D; Path=/xxx/; Max-Age=0; Secure; HttpOnly

Pega-RULES={atn}e3ByfW9ScGM5......rZXF2dz09%7Bapp%7D; Path=/xxx/; Max-Age=120; Secure; HttpOnly;

The cookies when display correct page.

Pega-AAT=eyJraWQiOiI3Nj......07JE2nlqoE%7Bapp%7D; Path=/xxx/; Secure; HttpOnly

Pega-RULES=%09%7Bpd%7DAAAABw......D%3DA%7Bapp%7D; Path=/xxx/; Secure; HttpOnly;

I'm wondering is there specific cookies setting need to be set in the reverse proxy.

***Edited by Moderator Rupashree S. to add Capability tags***

To see attachments, please log in.

Reply
Like (0)
Share this page Facebook Twitter LinkedIn Email Copying... Copied!

Posted: 1 month ago

Updated: 1 month ago

Posted: 7 Oct 2024 16:04 EDT
Updated: 7 Oct 2024 16:05 EDT

MarijeSchillern

MOD

replied to MingEeL4

Report

@tents @jastg please can someone in the Security SME team answer this question?

All I could find was the below documentation:

Troubleshooting Pega mashup issues caused by browsers blocking third-party cookies

Troubleshooting web embeds

To see attachments, please log in.