Whenever you use external authentication you are expected to update the OperatorID page using attributes returned by your authentication/identity mechanism. There are various Code-Security Activities where this is done. What you have to do to extract attributes depends on the authentication/identity mechanism, e.g., LDAP, SAML, Oauth, Open ID Connect (OIDC).
The first tab in an Operator record is named "Profile" for a reason, i.e., it corresponds to the term "user profile" employed by authentication/identify mechanisms. Another correspondence between certain Pega rule names and authentication/identify is: Attribute-Based Access Control (ABAC).
User attributes are typically stored external to Pega, i.e., Pega is typically not its own source of user information. Other applications beside Pega need to validate and consume user identities. Users should not be forced to log into each application, hence the use of Single Sign On (SSO).
Posted: 3 years ago
Posted: 20 Mar 2019 11:25 EDT
Avinash Haridasu (Avinash.Haridasu)