Question
Cotiviti
US
Last activity: 2 Aug 2023 12:02 EDT
Custom Authentication for multiple appications
So I have multiple pega applications in the same environment. I am using Okta and each application has its own authentication service. Upon first attempt to login the operator gets created with a certain primary access group as setup for that authentication service.
If a user attempts to login to a different application thru Okta than previous logins then post authentication activity of the appropriate auth service gets executed but it will use the ruleset stack of the primary access group that the operator had been created with pertaining to the first application which means then that to be able to reconstruct the access groups in the operator to give access to the second application then that second applications role mapping code would need to be in the first applications ruleset stack.
Because of this, we are not allowed to completely segregate the code for one application from another application. Does this make sense? Or are we perhaps doing something wrong? Is there really no way to completely segregate the applications?
Pegasystems Inc.
GB
@TerranceK5260 It seems that you are experiencing issues with access group segregation when using Okta for authentication in a shared environment with multiple Pega applications. One possible solution is to ensure that the post-authentication activity of each authentication service is correctly configured to update the operator's access groups based on the application they are logging into. This way, the operator's access groups can be updated dynamically, allowing for better segregation between applications.
However, if you still face issues, it might be necessary to review your implementation and consult Pega documentation or support for further guidance on how to achieve complete segregation between applications in your specific scenario.
Fields for operator contact information and application access
Pega is not setting default access group