Question
First Tech Federal Credit Union
US
Last activity: 23 Jun 2021 20:54 EDT
PEGA-Salesforce SSO Integration
Hi All,
We have input the Mash up code in salesforce and have given the SSO URL in the mash up code.
When we are trying to launch pega from salesforce we are getting Refused connect Error.
How ever when we launch the pega sso URL in a browser window it was working fine.
Can any one help me on the issue
Mashup Code
<div data-pega-gadgetname ='PegaGadget' data-pega-action ='XXXX' data-pega-action-param-classname ='XXXX' data-pega-action-param-flowname ='XXXX' data-pega-isdeferloaded ='false' data-pega-applicationname ='XXXX' data-pega-threadname ='STANDARD' data-pega-resizetype ='stretch' data-pega-redirectguests='false' data-pega-url ='https://XXXX/prweb/PRAuth/SSO' data-pega-action-param-parameters ='{"pzSkinName":"XXXX","pyMashupSkeletonName":"pyDefaultMashupSkeleton"}' > </div>
-
Like (0)
-
Share this page Facebook Twitter LinkedIn Email Copying... Copied!
Allianz Technology
DE
Hi Krishna,
Have you tried to add the salesforce url to a trusted origin inside application rule in Integration & Security tab?
First Tech Federal Credit Union
US
Thank you for you reply. Yes Added the SF URL to the trusted origin but still facing the issue
Updated: 23 Jul 2020 12:11 EDT
Maantic Inc
US
Hi,
1. Check do have CSRF enabled? If enabled add saleforce url in security/csrf/validreferers DSS.
Pega 8 have UI for it.
1. Once you have added valid refers url in screen, system creates DSS security/csrf/validreferers
2. After this change, restart the machine and run the mashup
https://community.pega.com/knowledgebase/articles/security/configuring-csrf-protection
DSS
After performing all the steps, still if you have issue. Take any other webportal, run that portal in Saleforce Iframe, check salesforce has any restriction to run
Macquarie
AU
@JohnPaulRaja,C : We are facing similar issue around the SameSite Cookies. Have configured the Cross-Site Request Forgery settings correctly but we are not able to load the Pega mashup inside the Salesforce Apex component.
With the recent changes in chrome, the samesite attributes for the cookies has been defaulted to Lax and hence its preventing Pega from being loaded with SSO.
have you ever faced any similar issue ?
Allianz Technology
DE
@AdityaK2715Hi Aditya, with the recent Chrome upgrade to the version 91 the SameSite behaviour was changed to Lax by default and it caused the issue in the way Pega checks for cookies availability in javascript in mashup. Due to this issue we were getting the error "Browser cookies must be enabled for PRPC Internet Application Composer to function." and we had to install HFIX-80707 for version 8.4.4 to make it work. If you have the same sympthom you may try requesting and installing the same hotfix to make it work.
As a temporary workaround Firefox and Edge were still working fine as they didn't change default SameSite behaviour yet (even though they will do it eventually as well).
-
Thilak Rathnayake
Macquarie
AU
Allianz Technology
DE
@AdityaK2715 Hi Aditya, we are actually in progress of testing that hotfix, so maybe it was not yet published in Pega repository. I believe you may raise SR to Pega requesting the proper hotfix for your version mentioning HFIX-80707 to be used as a reference.
Pegasystems Inc.
US
Hey @AdityaK2715
If you open a ticket with Support, please reference this Question and then let us know the ID so we can track for you!
Thanks!
Macquarie
AU
@MarissaRogers : Thanks Marissa, I have created the SR-102131 for Pega Support. Could you please track it further and let me know if there are any other inputs needed.
Macquarie
AU
@Oleg Shepelev Thanks Oleg, requested Pega to provide their inputs.