Skip to main content

Question

 Akshay Hajela (AkshayH4)
EY

EY
IN
AkshayH4 Member since 2015 1 post
EY
Posted: 5 days 1 hour ago
Last activity: 4 days 19 hours ago
Posted: 22 Jan 2025 10:06 EST
Last activity: 22 Jan 2025 16:31 EST

Authentication on react app using pega auth service

Our use case involves a React application that is connecting to Pega via DX API's. On react side, the requirement is to have an authenticated and unauthenticated journey of the user. I understand from the documentations that the we can give authservice in the sdkconfig json file. We have OpenID as our IDP , and we created an authentication service on Pega and added the alias for that in the sdkconfig file. When we are loading the react page, it is trying to authenticate in a popup window and its presenting us the IDP login page. We have following queries where we are stuck for now - 

1. How to initiate the IDP login on the same page of react instead of a popup.

2. Since we have an unauthenticated journey, there are certain pages on the react app which the user can use without any authentication. We have a login button on the click of which the authentication flow should start and connect to the IDP. Currently, since we have given the auth service in the config json file, it is launching the authentication as soon as the page loads but we want to trigger that on the click of the login button. Unless the button is clicked, the DX API calls should happen via a common operatorID and after user logs in, it should switch to the logged in user operator ID.

3. the opposite of point 2 should happen if the user clicks on log off.

***Edited by Moderator Marije to add Capability tags***
To see attachments, please log in.
Pega Platform '24.2
Pega Platform
Security
Data Integration
System Administration

  • Reply
Posted: 4 days ago
Posted: 22 Jan 2025 16:31 EST
Sairohith Thummarakoti (Sairohith)
HCA Healthcare
Consultant Application Engineer
HCA Healthcare
US

@AkshayH4 To authenticate your React app using Pega Auth service while allowing both authenticated and unauthenticated user journeys, follow these steps. First, modify your sdkconfig.json to prevent automatic authentication on page load by removing or conditionally setting the authservice parameter. Instead, create a login button in your React app that, when clicked, triggers the authentication process by calling the Pega Auth service directly, ensuring the IDP login appears on the same page instead of a popup. Utilize your OpenID setup to manage the authentication flow within the main window. For unauthenticated pages, ensure your routes do not require authentication and that API calls use a common operatorID by default. Upon successful login, update your application's state to use the logged-in user's operator ID for subsequent DX API calls. Additionally, implement a logout button that, when clicked, clears the authenticated state and reverts the operator ID back to the common one, effectively switching the user back to the unauthenticated mode. Use React’s state management (like Context API or Redux) to handle authentication states and ensure that the UI updates accordingly based on whether the user is logged in or not. This approach ensures that authentication is only initiated when needed, providing a seamless experience for both authenticated and unauthenticated users.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice