We are using SSO to authenticate and create an operator on the fly depending on the incoming attributes from the AD server.
We want to launch a mashup into another application. The mashup will execute the SSO url which will in turn load all the access groups that the user belongs. Access to create the specific case may be present in any one of these access groups. We need to determine if the user has access to create the case via mashup using any one of his access groups. Is there a way to achieve this?
In general the data-pega-applicationname setting identifies the Application the mashup should use when run. The mashup thread gets started using an AccessGroup in the users AccessGroup list of their operator profile that contains that application. If not there then you should get an error - Invalid Application.
In your case you want to check after authentication if the user has access to this application?
Take a look at adding some logic in Data-Portal.ApplicationProfileSetup activity that is run each time a thread page starts. IMPORTANT: You need to add a condition around your logic so only runs with your mashup as well. Your logic can then look at the pxRequestor.pxSecuritySnapShot.pxAvailableApps page list and see what applications they have access too.