Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Johan Grall (JOHAN.GRALL)
Knowledge Expert
LSA Pega
Knowledge Expert
FR
JOHAN.GRALL Member since 2012 19 posts
Knowledge Expert
Posted: Sep 29, 2021
Last activity: Oct 6, 2021
Posted: 29 Sep 2021 5:58 EDT
Last activity: 6 Oct 2021 6:02 EDT
Closed
Solved

Reuse Authentication service token for REST connector

Hi,

 

I have a requirement to reuse token from SSO connection (with OpenID authentication service) and I want to reuse this token for REST connector.

Token usage

But it seems impossible with Pega OOTB behavior (we use Pega 8.3.5). Do you know if it's possible ?

Current implementation:

  • When user connect to Pega platform with SSO, an OpenID authentication service is used... So a token is available in table pr_data_token with grant type "Authorization code" and a specific scope
  • When user use connector REST, we use authentication profile with "authorization code" and same scope that used in authentication service. But Pega doesn't use automatically token available in table pr_data_token; so we should use gadget pxInformationMashup to retrieve a fresh token (but in this case, there is a popup to ask credential to this user).

Even if we will be able to reuse token generated when user connect, I didn't find a solution to refresh this token.

 

Do you have already implement this type of requirement on other project ?

 

Thanks in advance for your feedback.

***Edited by Moderator: Pooja Gadige to add capability tags***
To see attachments, please log in.
Pega Platform 8.3.5
Case Management
Security
Data Integration

Accepted Solution

Posted: 3 years ago
Updated: 3 years ago
Posted: 29 Sep 2021 13:24 EDT
Updated: 6 Oct 2021 6:02 EDT
Nirmalya Sen Sharma (Nirmalya.SenSharma)
Ernst & Young LLP
Program Manager
Ernst & Young LLP
MT

@JOHAN.GRALL

See if this article helps: https://community.pega.com/knowledgebase/articles/whats-new-pega-platform/configure-authentication-profile-json-web-token-bearer-grant-type-84

Apparently, you can reuse the JWT token from your active SSO session, which I believe is your case.

Also, I believe you need to enable 'Use refresh token if available' option on the auth profile of your connector rule.

Thanks

To see attachments, please log in.

Accepted Solution

Posted: 3 years ago
Updated: 3 years ago
Posted: 29 Sep 2021 13:24 EDT
Updated: 6 Oct 2021 6:02 EDT
Nirmalya Sen Sharma (Nirmalya.SenSharma)
Ernst & Young LLP
Program Manager
Ernst & Young LLP
MT

@JOHAN.GRALL

See if this article helps: https://community.pega.com/knowledgebase/articles/whats-new-pega-platform/configure-authentication-profile-json-web-token-bearer-grant-type-84

Apparently, you can reuse the JWT token from your active SSO session, which I believe is your case.

Also, I believe you need to enable 'Use refresh token if available' option on the auth profile of your connector rule.

Thanks

To see attachments, please log in.
Posted: 3 years ago
Posted: 6 Oct 2021 6:01 EDT
Johan Grall (JOHAN.GRALL)
Knowledge Expert
LSA Pega
Knowledge Expert
FR

@Nirmalya.SenSharmaThanks for your response. Currently, we use Pega version 8.3.5 and not Pega 8.4.

I will test it when migrate on Pega new version.  

Currently, we will continue to use custom system to get new token when necessary (wit pxInformationMashup gadget)

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice