Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Michael Fede (MichaelF4652)
Raytheon Technologies

Raytheon Technologies
US
MichaelF4652 Member since 2016 17 posts
Raytheon Technologies
Posted: Apr 10, 2019
Last activity: May 14, 2019
Posted: 10 Apr 2019 18:09 EDT
Last activity: 14 May 2019 9:49 EDT
Closed

JWT Bearer Authentication for REST Connector?

We need to provide an Authorization header (Bearer type) with a JSON Web Token (JWT) when calling a REST Connector for server to server authentication. Since there doesn't seem to be an Authentication Profile to do this, I had to add an Authorization header on my REST Connector methods and map it to a Clipboard property. Then I needed to create a custom Activity to call the pxGenerateJWT activity and copy the JWT value to Clipboard property before calling the REST Connector.

This works but it means that every time I generate rules using the Create REST Integration wizard I need to customize the generated Data Page to call a custom Activity instead of calling the REST Connector directly. This means additional costs for development and maintenance.

Is there a better way to do this? Any chance that support for this will be added to the platform? If not, is there a way for us to define our own custom Authentication Profile types so that we can minimize the amount of work needed to set this up on each connector?

We are using an on-prem instance of the 7.4 platform.

To see attachments, please log in.
Data Integration
Security

  • Dip Sankar Roy
Posted: 5 years ago
Posted: 10 May 2019 10:24 EDT
Sateesh Boganadham (SateeshB6784)
Capgemini
Principal Architect
Capgemini
GB

We have a similar requirement and it would be helpful to know how you are passing the JWT token in the activity called from the data page. Thank you

To see attachments, please log in.
Posted: 5 years ago
Posted: 10 May 2019 13:03 EDT
Michael Fede (MichaelF4652)
Raytheon Technologies

Raytheon Technologies
US

I am using an Activity for the source of my Data Page. The Activity calls pxGenerateJWT with my JWT Token Profile as an input and then sets the pyJWT property value on the output page to a property that I have mapped in the Connect REST rule to my Authorization header. Now that the mapped property has a valid JWT value, the activity can run the Connect-REST method to run my connector.

Hope this helps.

To see attachments, please log in.
Posted: 5 years ago
Posted: 14 May 2019 2:54 EDT
Vibek Sharma (Vibek_Sharma)
PEGA
Senior Principal Technical Support Engineer, Platform Service
Pegasystems Inc.
IN

Hi,

Pega has provided a Token Profile in Pgea 7.4 and above. You can find it inside the Records Explorer->Security-> Token profile.

Create a token Profile.

Create the Token Profile with the Security Details, Use this Profile and let Pega take care of managing this.

Thanks,

To see attachments, please log in.
Posted: 5 years ago
Posted: 14 May 2019 9:49 EDT
Michael Fede (MichaelF4652)
Raytheon Technologies

Raytheon Technologies
US

Thanks, I've done this and it works fine. However, that's not the point of my original question. The question was about how to map the JWT value to a header in a REST Connector without having to create custom Activities to use in the Data Pages instead of being able to use the REST Connector as a source. From what I've gathered so far, the only option is to use a custom Activity.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice