Question
EY
ES
Last activity: 2 Jul 2025 10:36 EDT
Implementing OAuth for external systems
Hi everyone,
We are looking for creating REST services or reuse those services from DX API but we need to connect these services with an intermediary called ESB. This tasks guide us to some kind of security restrictions and we would like to understand how OAuth 2.0 and its architecture works.
I am reaching out to request clarification regarding the implementation of OAuth 2.0 within the Pega Cloud environment. Specifically, I would like to understand whether the OAuth 2.0 authorization server responsible for issuing tokens is architecturally separated from the rest of the Pega Cloud services.
We are interested in the following points:
- The structure of the OAuth 2.0 server within Pega Cloud.
- Whether the token issuance endpoint is isolated from the core application services.
- Any relevant documentation or best practices for integrating with the OAuth 2.0 server in this context.
Thank you so much beforehand!
Best regards,
Carlos
Pegasystems Inc.
US
In Pega Cloud, the OAuth 2.0 Management Services allow you to manage token-based security for user sessions. The OAuth 2.0 server is responsible for issuing tokens and is designed to grant access to protected resources without revealing long-term credentials. The architecture typically involves a separation between the OAuth 2.0 authorization server and core application services, ensuring that token issuance is handled securely. For integrating with the OAuth 2.0 server, you can refer to the OAuth 2.0 Management Services documentation, which outlines the REST endpoints and their purposes, including keys endpoints and token introspection endpoints. This structure helps maintain security while allowing external systems to access Pega services over HTTPS.
⚠ This is a GenAI-powered tool. All generated answers require validation against the provided references. OAuth 2.0 Management Services