Posted: 2 Aug 2017 13:49 EDT Last activity: 20 Aug 2017 21:45 EDT
Box Integration with Pega 7.2
We have the following requirement for our application
Users will be uploading content into BOX from Pega.
Each individual user will upload files in the same folder in BOX.
While uploading files in BOX , none of the user should see the BOX log-in screen.
To achive this requirement we have done the following changes:
We have created a new authentication profile data instance in Pega.
Updated our application rule with the new authentication profile created above.
In BOX configuration for the "Authentication Method" we have selected "Standard oAuth2.0".
From the connected app landing page we are connected to box.
With the above configuration , when the User1 logs into box, it is not asking for user credential. but when User2 logs in and try to upload , Box is again asking for the credential. we also found that the on connected app landing page for User1 the status is showing as "connected" but for User2 the status is "Not Connected". So it seems that the connected app landing page is user specific and individual user must go to landing page and connect to box for uninterrupted BOX session.
For our application , in the production environment we will be creating operator IDs dynamically and all the operator should be having access to box(none of them should see the BOX log in screen). With the configuration above, we are not able to achieve the requirement. Are there any out of box configuration in Pega which can be leveraged so that all the operators in Pega would have seamless connection to BOX?
The user need to authenticate to box.com after login, I hope it's one time activity for each application and from next time onwards it's not required. However, lets wait for other community members to review this.
The second challenge we faced was that in our PRPC version (7.2.2) there was no OOTB rule which can generate JWT(JSON Web Token). We had to write custom( you can find tons of source code in the internet) JAVA code to generate the JWT.
Once we were successful in generation of JWT , we had to make the two rest calls to BOX