1- User accesses the Pega login screen with username / password
2- Pega custom authentication activity uses the username / password to call OAuth2 in order to get a user token
2.1 OAuth2 communicates with AD
3- User logs in to Pega
If the user does not exist:
Option 1 - Create a new operator using a model operator with a "blank" access group and no access to do anything but see a blank portal. Later a manager needs to update the operator and assign him a new access group accordingly.
Option 2 - The system consumes a REST service using the OAuth2 token in order to get user details (name, surname, email, and role), and Pega creates the user on the fly and assigns him an access group depending on role.
My question is, how can I intercept the login / password activity after the user clicks login? Is there any example of a custom authentication service that I can use in order to present to the user a login / password screen and then process the request after the user presses the LOGIN button?
Essentially I need to understand if step 1 is possible in a custom authentication fashion.
***Edited by Moderator Marissa to update platform capability tags****
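
The flow in the question (steps 2 to 3, with Option 2 falling back to Option 1), as an added sketch that is not part of the original post and is not Pega code or a Pega API. The endpoint URLs, access group names, role mapping, `client_id` and the two `fake_*` transports are assumptions constructed for illustration.

```python
import json
from urllib.parse import urlencode, parse_qs

TOKEN_URL = "https://idp.example/oauth2/token"   # assumed endpoint
DETAILS_URL = "https://idp.example/api/me"       # assumed endpoint
BLANK_GROUP = "App:NoAccess"                     # hypothetical "blank" access group (Option 1)
ROLE_TO_GROUP = {"manager": "App:Managers", "agent": "App:Agents"}  # hypothetical mapping

def token_request_body(username, password, client_id):
    # Form body of the OAuth2 password grant (RFC 6749, section 4.3).
    return urlencode({"grant_type": "password", "username": username,
                      "password": password, "client_id": client_id})

def login(username, password, post, get, client_id="pega-client"):
    """Return an operator dict, or None when the token request is refused.
    post(url, body) and get(url, headers) are injected transports that
    return (http_status, response_text)."""
    status, text = post(TOKEN_URL, token_request_body(username, password, client_id))
    if status != 200:
        return None                      # bad credentials: no operator is created
    token = json.loads(text).get("access_token")
    if not token:
        return None
    operator = {"id": username, "access_group": BLANK_GROUP}
    status, text = get(DETAILS_URL, {"Authorization": "Bearer " + token})
    if status == 200:                    # Option 2: provision from user details
        details = json.loads(text)
        operator.update(name=details.get("name"), email=details.get("email"))
        # Unknown or missing roles fall back to the blank group (Option 1).
        operator["access_group"] = ROLE_TO_GROUP.get(details.get("role"), BLANK_GROUP)
    return operator

# Constructed stand-ins for the OAuth2 server and REST service, so this runs offline.
def fake_post(url, body):
    form = parse_qs(body)
    if form.get("password") == ["correct horse"] and form.get("grant_type") == ["password"]:
        return 200, json.dumps({"access_token": "tok-123", "token_type": "Bearer"})
    return 400, json.dumps({"error": "invalid_grant"})

def fake_get(url, headers):
    if headers.get("Authorization") != "Bearer tok-123":
        return 401, ""
    return 200, json.dumps({"name": "Ana", "surname": "Silva",
                            "email": "ana@example.com", "role": "manager"})

if __name__ == "__main__":
    print(login("ana", "correct horse", fake_post, fake_get))
    print(login("ana", "wrong", fake_post, fake_get))
```

The OAuth 2.0 Security Best Current Practice (RFC 9700) says the password grant must not be used, because the client application handles the user's password directly.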