We recently came across an issue that went unnoticed when we first set up our Pega Platform 8.2 instance. Any configured user at the moment can enter any password and access the application. We have set up a custom authentication service which utilizes external authentication to allow users to use their internal password rather than having to create one. For example, users are configured to have the userid <lastname><firstinitial> and use their internal password. I believe this is happening due to the way the authentication service was configured but I am unable to find the where it was stored once configured. Any idea on where this configuration was stored? Thanks.
***Edited by Moderator Marissa to update platform capability tags****