Hi All,

We are using Process Fabric to connect with other PEGA remote apps and they are in separate PEGA instances within the same server and our remote apps are built on Constellation 25.1.1 version. We have an organization level security mandate to use JWT token instead of Client credentials in Oauth2.0 client Authentication. OOTB Process Fabric creates Oauth with Client credentials(DataSync operator) once the Remote app is registered (Refer attached Oauth screenshot) and the data sync happens using this OOTB ID. Following are our questions to aling with our org mandate:

1. Can we replace the Oauth2.0 auth rule to use JWT brearer instead of the Datasyncoperator created by default? If yes, what are the implications and are there any documentations we can refer to implement this change?

2. Also, if we have to continue to use the datasyncoperator can we create a copy of the datasyncoperator and refer to our custom application built on the OOTB PPF application? This is to ensure our org level changes are maintained in separate application to be able to seamlessly upgrade to future updates from PEGA on Process Fabric.

Appreciate responses and feedback on the above. Thanks!