Question

4
Replies
495
Views
Johan Hoogenboezem (JohanH55)
Ernst & Young
Senior Manager
Ernst & Young
ZA
JohanH55 Member since 2018 11 posts
Ernst & Young
Posted: April 15, 2019
Last activity: April 17, 2019
Posted: 15 Apr 2019 9:08 EDT
Last activity: 17 Apr 2019 23:38 EDT
Closed
Solved

JWT Authentication actity for Mashup - not authorized to open instance DATA-ADMIN-SECURITY-TOKEN

Hi All

We have a need to authenticate mashup users by means of a JSON Web Token (JWT). Many of the moving parts of the solution are working. The part where I am stuck is where I need to validate the JWT. I have a working Token Profile that I tested with pxProcessJWT, but when I try to do an Obj-Open on it so that I can use JwtUtils.processJSONWebToken(...), I get an error:

"Error in Obj-Open
com.pega.pegarules.pub.database.AuthorizationException: You are not authorized to open instance DATA-ADMIN-SECURITY-TOKEN <my token name>"

Obviously the current user is unauthenticated, so it looks like I would need to modify the PegaRULES:Guest access role to allow this. Which in turn would mean unlocking the PegaRULES:08-01-01 ruleset.

Does anyone know of a better way? I don't want to resort to adding a lot of custom Java to go around this obstacle.

***Edited by Moderator Marissa to update platform capability tags****

Low-Code App Development User Experience
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.