OAuth2 OpenID Connect Token support
Hi,
My client uses OAuth 2 with OpenID connect token and I am wondering if we have OOTB support for it.
We have version 7.2.1 and I can connect through standard OAuth 2 but only get the Access Token, and not the token_id with the information we need. I have been able to have a workaround, but could not have this working OOTB.
The redirect service, performs a post in a java step, and retrieves just the Access Token :
oauth2Token = pega.getServiceUtilsPriv().getOAuth2Client(tools, authProfilePage, operator).getAccessToken(authCode);
I have tried to find the available methods in the Engine API, but I can't find the package : com.pega.pegarules.pub.services.oauth2 in the documentation.
Many thanks in advance!
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.
Accepted Solution
Pegasystems Inc.
US
At this time Pega 7 doesn't provide built-in support for OpenID Connect. Pega 7 can act as an OAuth 2.0 client (consumer) and supports the client credentials and authorization code grant types.
Pegasystems Inc.
US
Hi Herim, from the debug logs at pega side, do you see the 'token_id' as part of the token?
following pega logger might help 'com.pega.pegarules.integration.engine.internal.client.oauth2'. run with logger level as 'DEBUG'.
If you see the token_id in pega debug log and no api to access it, please create a support request by attaching the evidence. Thanks!
Pegasystems Inc.
ES
Hi Gopiganapathy,
Thanks a lot for your reply!
As I suspected, we don't support OOTB OpenID Connect. I can see the whole token content in Base64 encoded, when using a Connect-HTTP in the redirect REST service (prior to the Java step that performs a POST in order to request the Access token). The response I get through the Connect-HTTP is correct and contains the Access Token and Token_Id. If using OOTB we just get the Access token.
Many thanks!
Atentamente/Best Regards,
Manuel.
Accepted Solution
Pegasystems Inc.
US
At this time Pega 7 doesn't provide built-in support for OpenID Connect. Pega 7 can act as an OAuth 2.0 client (consumer) and supports the client credentials and authorization code grant types.
Pegasystems Inc.
ES
Hi David,
Many thanks for your reply! I did suspect that, but just wanted to confirm.
We use authorization code grant and the client uses OpenID, we just receive the Access Token, but we don't parse the rest, despite being sent (I have tested with postman and also with a Connect-HTTP mapping the response to the Clipboard).
Do you know if there is any plan to have support in the roadmap?
Thanks a lot!
Atentamente/Best Regards,
Manuel.
Pegasystems Inc.
IN
Hi,
Thank you for posting your query in the PSC. This looks like an inactive post and hence, we suggest you create a new post for your query. Click on the Write a Post button that’s available on the top right pane of this page. Once created, please reply back here with the URL of the new post.
You may also refer this discussion link as a reference in the new thread.