Discussion 70 Views Di Smith-Knowles (DianeSK) PEGA Partner Delivery Success Manager - AMS PS & HCLS Pegasystems Inc. US View Profile Send Message DianeSK Member since 2010 28 posts PEGA Posted: December 15, 2020 Last activity: December 16, 2020 Posted: 15 Dec 2020 19:46 EST Last activity: 16 Dec 2020 5:20 EST LSA UI/UX: DX API - Security Report How to handle URL tampering? Is there something Pega does automatically URL will be completely different in Cosmos React. The Rest api will also be protected to NOT allow remote code execution. I saw that DX Api starter pack serves only Basic authentication. Yes – there is no plan to add other types of authentication in these started packs I saw that DX Api starter pack serves only Basic authentication. Is there any way for us to make it work with SSO? Yes – you can change how the authentication is handled Do we have to use reverse proxy to mitigate same origin web page restriction? No – the UI service should run in the same domain Will there be a way for changing the security of the DX API OOTB? Nowadays, we have to specialize the services in a separate service package, maybe an option to have Oauth2.0 / JWT OOTB? Service packages supports different types of authentication like OAuth or JWT token - this feature has been available for several years - https://community.pega.com/knowledgebase/articles/data-integration/accessing-pega-api-using-oauth-20 ***Edited by Moderator: Pooja Gadige to add Developer Knowledge Share tag*** Pega Platform User Experience Lead System Architect Developer Knowledge Share Reply I found this helpful (0) Share Share this page Share via Facebook Share via Twitter Share via LinkedIn Share via Email Copy share link Copying... Copied!