Question5Replies153Views Brahmesh@ Member since 2013 147 posts Capgemini Posted: February 14, 2020Last activity: February 24, 2020 Issue OAuth2.0 Authorization CodeUnable to connect to the authorization server with Authorization Grant type, as it saying invalid redirect uri which is auto-filled in by pega .if i ignore the test connectivity and directly refer the authentication profile in connect-reset then it's failing as unable to obtain token.FAIL Step Status Info ** Unable to obtain OAuth2 TokenI don't see class for authorization code , I need to connect with client system using OAuth 2 authentication protocol.I need to use authorization code grant type.Everything is set like , Client_ID, key, redirect_URI etc.I created OAuth 2 provider & Authentication profile data instance. In the Connect-REST, I used the authentication profile.when i test the Connector activity, nothing works !!!, when i check customized logs in pyInvokeRESTConnector activity, I see access token as null.In pyInvokeRESTConnector 6th java step, they use getAccessToken method to get the access tokenBut where they get the authorization code???!!!!We know for Authorization code grant type, there should be 2 requests.1) get authorization code2) get access codepega do really support Authorization code grant type in 7.3.1 Pega Platform 7.3.1 Security Data Integration Java and Activities Financial Services ×Close popoverFacebookTwitterLinkedinEmail Copy Link Copied! Posted: 9 months agoPraneethPurighalla PEGA replied to Brahmesh@Yes, Pega 7.3.1 supports OAuth 2.0 Authorization Code grant type. You could leverage the OOTB Advanced Control called Information Mashup. You will find this in the Advanced control section under the design palette in Section rules. Check this help content: https://community.pega.com/sites/default/files/help_v731/procomhelpmain.htm#rule-/rule-html-/common/commonlayoutinformationmashup-configuring-information-mashup-tsk.htm?Highlight=informationmashup Posted: 9 months agoBrahmesh@ Capgemini replied to PraneethPurighallaThanks for quick response .Can it be done without user intervention to generate the authorization code & access token ?.As part of one of the usecase ,we need to consume an API ,which is expecting an access token that's getting generated through authorization server.1) Created Oauth 2.0 instances to configure authorization and access token end points . 2) Created Oauth authentication profile with grant type as "Autorization Code" and defined all information (Client_id,Secret ,Scope,redirect ) .3) Refer the authentication profile in connect rule .we are getting blank access token and no idea how pega generates the authorization code. Posted: 9 months agoBrahmesh@ Capgemini replied to PraneethPurighallaIs it possible to use authorization code grant typet for authenticating external api where no user authentication is involved ?if yes then how pega generates the code & access token . Does it support refresh token ? Posted: 9 months agoBrahmesh@ Capgemini replied to Brahmesh@Is it possible to use authorization code grant just for invoking the api where no user authentication involved ?if yes then how pega generates the code & access token . Does it support refresh token ? Posted: 9 months agoPraneethPurighalla PEGA replied to Brahmesh@Authorization code grant requires user intervention. The user gets authenticated and the access token gets generated. If you are looking for an app-to-app communication, check if "client credentials" grant type works for you.