External credentials screen and IAC with OAuth 2
Hi,
Could anyone give a hint on what would be the most suitable solution for the following scenario?
We have an application (a user portal) that is going to be exposed through Mashup. The steps are as follow :
1. User clicks on external website "login"
2. If no active session, the user is redirected to an external challenge screen, which will authenticate the user
3. The external application, redirects to Pega, with the state and authcode
4. Operator has to be loaded, access token is requested and customer information as well.
I have more issues in the redirect when Pega is first accessed through the Mashup in order to redirect to the external application, which will provide the initial auth for the user.
Many thanks in advance!
Pegasystems Inc.
US
It sounds like user is trying to access Pega mashup before user is authenticated against the parent application. probably you want to consider hiding the pega link until the user is authenticated in parent application. once user is authenticated in parent applicaiton, then launch Pega mash up with all the required parameters for the authentication at pega side. this is most common use case for pega mash up.
Pegasystems Inc.
ES
Hi GopiGanapathy,
Many thanks for your response! You are right in what you describe, but we should first attempt to access Pega, if there is no active session, then redirect to the external credentials screen, which will redirect back to Pega upon successful auth.