Question

2
Replies
1703
Views
SECAJ Member since 2012 1 post
PEGA
Posted: 2 years ago
Last activity: 1 year 8 months ago
Closed

custom authentication service with login screen

Hello,

I have the following requirement:

1- user access pega login screen with username / password

2- pega custom authentication activity uses the username / password to call Oauth2 in order to get a user token

2.1 Oauth2 comunicates with AD

3- user logs in in pega

If user does not exist

Option 1 - create a new operator using a modal operator with a "blank" access group and no access to do anything but seeing a blank portal. Later a manager needs to update the operator and assign him a new access group accordingly.

Option 2 - System consumes a Rest service using the Oauth2 token, in order to get user details (name, surname, email, and role) and pega creates the user on the fly and assign him access group depending on role

My question is, how can i intercept the login / password activity after user clicks login? is there any example of custom authentication service that i can use in order to present to the user a login / password screen and then process the request after the user presses LOGIN button?

Essentially i need to understand if step 1 is possible on a custom authentication fashion.

Thanks

***Edited by Moderator Marissa to update platform capability tags****

Low-Code App Development Security
Moderation Team has archived post
Share this page LinkedIn