We have the below requirement, and I am not sure what's the best way to achieve this.
Currently we are using PingFederate OpenID to authenticate and give access to Pega for our internal users.
Now there is a new requirement where we need to give Pega access to external users who are not part of our organization.
External users will launch Pega from a third-party website. When they launch Pega from the third-party website, we want to call their external IDP, and once we receive the access token from the external IDP, we want to redirect to our internal IDP to validate the access token we receive from the external IDP.
If the token validation by the internal IDP is successful, then we will grant them Pega access.
In summary, is it possible to call two different IDP providers one after another and pass the access token across them?
Both IDP providers are OpenID.
***Edited by Moderator Marije to add Capability tags***