Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Abhisht Sathyanarayana (AbhishtS)
Los Alamos National Laboratory

Los Alamos National Laboratory
US
AbhishtS Member since 2020 5 posts
Los Alamos National Laboratory
Posted: Oct 10, 2020
Last activity: Nov 19, 2020
Posted: 10 Oct 2020 16:26 EDT
Last activity: 19 Nov 2020 0:06 EST
Closed

SAML 2.0 Pega API REST Services

Hi, How do we implement SAML 2.0 Authentication on Pega API (to run the REST services)  since we only have three Authentication Types under Service Package: api(Basic, Custom, OAuth)? The Operator already has PegaRULES:PegaAPI as part of their role on the default Access Group and the REST API(s) seem to work fine with Basic Authentication. The Operator has also been updated to enable the option 'Use External Authentication' and the user is able to login to the Developer Portal with the SAML 2.0 auth. Putting the SAML 2.0 Auth Service under the 'Custom' Authentication Type in the Service Package: api didn't work with the REST API(s) either and the SAML Tracer showed no indication that the SAML request was ever made.   Thanks.

To see attachments, please log in.
Pega Platform 8.4.1
System Administration
Other Industry
Experience Designer

Posted: 4 years ago
Posted: 17 Oct 2020 6:08 EDT
GOPI REDDY ILLURI (GOPIREDDY)
Inovar
Technical Lead
Inovar
SA

I have seen that PEGA itself mentioned that SSO works only with Web. Some one from PEGA expertise team has to comment on this , when we refer the same authentication service from service package , will it work or not.

Configure this SAML authentication service to enable web Single Sign-On (SSO) for your application.

I am exploring things on this. i will let you know if get to know anything.

To see attachments, please log in.
Posted: 4 years ago
Posted: 26 Oct 2020 12:27 EDT
Sreedhar Kalasapati (Sreedhar K)
Evonsys
Vice President - Technology
Evonsys
IN

SAML SSO authentication will work wtih REST API. I did the same in 8.3 and was working fine. Select the authentication type as Custom and give the SAML auth service rule. It should save without any errors. Change the processing mode from Stateless to Statefull. It will work. But the same is not working after upgrading to 8.5.1 version. In latest version, Pega expecting a authentication activity for Cutom type authenticaiton. Seems like something changed from Pega end in new version.

To see attachments, please log in.
Posted: 4 years ago
Posted: 19 Nov 2020 0:06 EST
Pavan Kumar Ramadugula (pavanr)
Pegasystems Inc.
Pavan Kumar Ramadugula
Pegasystems Inc.
IN

SAML 2.0 is vastly used for web SSO primarily aimed at user authentication. REST API on other hand is a async way of accessing application functionality via various channels like web, mobile apps, IoT etc that involves both user and API consumer verification. So OAuth 2.0 is the industry recommended standard to use. To hook up any existing SAML SSO implementation, look into OAuth 2.0 with SAMLBearer grant type. This allows exchange of a SAML 2.0 token for an oauth access token that can be used to access the REST API.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice