Question3Replies39Views THILANPEIRIS Member since 2012 3 posts Evonsys Posted: 2 months agoLast activity: 2 months 3 weeks ago Credential exposed in mashup script even Encrypt enabledMashup user credential is exposed in the auto generated mashup code even after enabling the encrypt mode.Client is not interested to expose user credentials in the mashup script, as it is breaching the security protocols. We are looking for an approach, where Auto Login/authentication to Mashup screen, without exposing user credentials in the Mashup script.Tried configuring IACAuthentication Auth service as mentioned in the Pega 7.x version in the PDN, but unable proceed with that in the 8.4 PEGA CRM app.Can anyone describe how this could be achieved in PEGA 8.4 v ?***Edited by Moderator: Pallavi to update platform capability tags*** Pega Customer Service 8.4 Case Management Security Other Industry System Architect ×Close popoverFacebookTwitterLinkedinEmail Copy Link Copied! Posted: 2 months agoJohnPaulRaja,C Cognizant replied to THILANPEIRISHi, Do you have sso url for the application. If yes, use sso url in mashup, it will take care the user validation. Posted: 2 months agoTHILANPEIRIS Evonsys replied to JohnPaulRaja,CHi John,Thank you for the inputs.We do not have SSO url for now, What if we create a custom SSO like authentication, will that work? Posted: 2 months agoJohnPaulRaja,C Cognizant replied to THILANPEIRISHi Thilanpeiris, If you use SSO url, mashup code doesn't require any explicit credentials.