Skip to main content

Question

 Arnaud Aurouet (ArnaudA)
MGEN

MGEN
FR
ArnaudA Member since 2021 1 post
MGEN
Posted: 3 weeks ago
Last activity: 2 days 8 hours ago
Posted: 31 Jul 2025 10:38 EDT
Last activity: 19 Aug 2025 11:52 EDT

How to customize client secret on Authentication Service ?

Hi,

As part of the work to implement SSO, I created an OIDC "Authentication Service" in Pega.

I need to define a "client ID" and "client Secret," but when moving to a higher environment, I want to be able to parameterize the "client Secret" because it is not the same across different environments. Is there a solution that allows me to use a DSS or something else for this?

To see attachments, please log in.
Pega Platform '24.1.1
Pega Platform
System Administration
Java and Activities
Healthcare and Life Sciences
Senior System Architect

  • Reply
Posted: 3 weeks ago
Updated: 3 weeks ago
Posted: 31 Jul 2025 17:48 EDT
Updated: 31 Jul 2025 17:51 EDT
Ravi Chandra Jonnavithula (RaviChandra)
ai4process ltd

ai4process ltd
GB

@ArnaudA

Authentication service is a Data instance in itself.. you dont need to unlock the Ruleset version to update the Authentication service. 

you can directly update the client secret in the respective environment. 

 

Unfortunately you cannot parameterise/ use DCR for client secret in AUth service

To see attachments, please log in.
Posted: 2 weeks ago
Updated: 2 weeks ago
Posted: 1 Aug 2025 3:38 EDT
Updated: 1 Aug 2025 3:41 EDT
Arnaud Aurouet (ArnaudA)
MGEN

MGEN
FR

@RaviChandra

Thank you, that's what I thought — I can't configure the 'client secret'. That's a shame, it would have been interesting.

 

Do you know if the 'client secret' is properly exported/imported through the 'Product'?

Which would allow me to produce several JARs, one for each of my environments.

To see attachments, please log in.
Posted: 2 weeks ago
Posted: 1 Aug 2025 4:56 EDT
Ravi Chandra Jonnavithula (RaviChandra)
ai4process ltd

ai4process ltd
GB

@ArnaudA We faced issues with the Authentication Service itself when we tried to migrate it from Dev env to staging env to pre-prod. 

the end point URL that is defined for SSO was not functioning when we migrated it to higher environment and we had to manually configure it in each environment including Production.  Our issue could be due to some IP Whitelisting/ PSC setup as well... so pls verify if you can do it from Dev to staging and if it doesnt work you would have to manually configure it in respective environments.

To see attachments, please log in.
Posted: 2 days ago
Updated: 2 days ago
Posted: 19 Aug 2025 11:14 EDT
Updated: 19 Aug 2025 11:52 EDT
Arnaud Aurouet (ArnaudA)
MGEN

MGEN
FR

@RaviChandra, As part of the issue mentioned above, I noticed that the encrypted Client Secret on one environment differs from that on another. However, both of my environments are running the same version of Pega Platform. What could explain this difference when calling the pega.encryptInternal(String) function (Called in the PreSave Activity)?

 

For example, if I run the function on env A, with the String : "toto", I  got :

    {in}M/HPp0rXDTber7JRy/zvow==

on the env B (with the same String), I got :

    {in}gBpVF9fwWcmddYU3iHMjdA==

 

Is there any DSS to configure hash algorythm, a deprecated library ?

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice