Question

2
Replies
36
Views
Sudipta Biswas (SudiptaB7860)
Tech Mahindra Ltd

Tech Mahindra Ltd
CA
SudiptaB7860 Member since 2018 7 posts
Tech Mahindra Ltd
Posted: June 2, 2021
Last activity: June 13, 2021
Posted: 2 Jun 2021 17:05 EDT
Last activity: 13 Jun 2021 23:34 EDT

Make on the fly dynamic update to the operator using SAML 2.0 authentication service rule

Hi,

 Our application was recently migrated from Pega 7.1.7 to 8.4. In our app users were authenticated using SAML and we had a logic of updating/creating operator ID instances inside the Authentication activity rule using model operator. For our app each model operator is mapped with unique workbaskets and we had used a decision rule to find out the correct model operator based on the values coming from IDP(using D_SAMLAssertionDataPage). 

Now , after the upgrade it seems that 8.4 version does not have a provision of calling Authentication activity rule instead we need to map all operator ID details inside the mapping tab where as new operator ID creation can be done through "operator provisioning using model operator" section of the authentication service rule. Also "operator provisioning using model operator" is only gets called if the operator does not exist in Pega  and in that situation only the mapping tab gets invoked(and the subsequent details are updated and saved in operator table). 

 

Q1: How can this mapping tab be used so that once can make dynamic updated to each operator?

e.g. All the Model operators of our applications are mapped to unique number of workbaskets and previously each operator ID used to get updated every time during log in ( by copy the model operator details into logged in operator ID page) . How the same dynamic mapping of work basket's be performed using the mapping tab?

Hi,

 Our application was recently migrated from Pega 7.1.7 to 8.4. In our app users were authenticated using SAML and we had a logic of updating/creating operator ID instances inside the Authentication activity rule using model operator. For our app each model operator is mapped with unique workbaskets and we had used a decision rule to find out the correct model operator based on the values coming from IDP(using D_SAMLAssertionDataPage). 

Now , after the upgrade it seems that 8.4 version does not have a provision of calling Authentication activity rule instead we need to map all operator ID details inside the mapping tab where as new operator ID creation can be done through "operator provisioning using model operator" section of the authentication service rule. Also "operator provisioning using model operator" is only gets called if the operator does not exist in Pega  and in that situation only the mapping tab gets invoked(and the subsequent details are updated and saved in operator table). 

 

Q1: How can this mapping tab be used so that once can make dynamic updated to each operator?

e.g. All the Model operators of our applications are mapped to unique number of workbaskets and previously each operator ID used to get updated every time during log in ( by copy the model operator details into logged in operator ID page) . How the same dynamic mapping of work basket's be performed using the mapping tab?

Q2: Can the "Post-authentication activity" be used for the above requirement? I have tried using the same but have found that whatever changes I was making with the operator ,was not being reflected in the operator table. Although in the logged in session , the operator page had all the necessary update(but the same was not committed in the database).

Q3: Can we use the "Pre-authentication activity" and delete the operator ID instance each time before the authentication process kicks in? This way each time operator ID will get created with the dynamic model operator details from the "operator provisioning using model operator" section. Though I feel this isn't the best approach as in the scenario of authentication failure , Operator ID instance will get deleted without the provision of recreation.

 

Pega Platform 8.4.4 Security Financial Services Lead System Architect