Question
3
Replies
453
Views
Boston Consulting Group
Posted: Apr 21, 2020
Last activity: Jul 23, 2020
Closed
Securing Service-Rest with external oAuth provider like Okta
We are trying to secure a Service-Rest via oAuth provider like Okta (using PKCE flow).
Any experience or related posts will be very helpful.
Primary questions:
- Can this be achieved by using an Authentication Service (OpenID Connect) in the Service package
- Or would you recommend an Auth service with custom activity that interfaces with Okta to validate the token
***Edited by Moderator Marissa to update Content Type from Discussion to Question***
Posted: 4 years ago
Hi,
When you say securing Service-REST with Okta,
- is the user already authenticated and an AccessToken is acquired from Okta ? And you want to use that token to access Pega APIs ?
- OR do you want to have the users authenticated using authorization code flow on Pega and get the token from Pega ?
Thanks,
Santhosh
Posted: 4 years ago
Hi Varun,
We have similar kind of requirement.
We have an requirement to authenticate a rest service via external Client ID and Client Secret from Azure not the one that pega generates via Client Registration OAuth 2.0 process.
Can you help how did you implement your requirement from OKTA