Is it possible to change the client details & Authorization endpoint that is automatically generated by the system? because we have to use organization specific authorization system to generate token .
Client registration rule is for registering oauth2 client with pega authorization module. So ClientID/Secret are generated by the system and cannot be manually changed. Secret can be regenerated by using 'Regenerate client secret' option.
If idea is to use token from an external authorization server to access REST services hosted on pega, then use one of the oauth2 extension grants JWTbearer or SAMLBearer. This allows extension of trust by exchanging token from external authorization server with a Pega issued access token, which further can be used to invoke pega rest services.
Posted: 3 years ago
Posted: 23 Apr 2020 11:57 EDT
Brahmeswara Rao (Brahmesh@)
The idea of using the access_token (Bearer jwt)for user identification based on jwt that comes from external system .Presently, service isn't configured with authentication,simply taking jwt as part of request header and validating it ,since service is unauthenticated we are getting couple of issues around executing authentication activities .
we decided to make the service authenticated but it's asking userName and password to run it , Do we really need to pass pega operator id and pwd in order to execute the service .