Question

1
Replies
1175
Views
Close popover
Andy Weedman (AndyWeedman)
Quavo, Inc.
Lead System Architect
Quavo, Inc.
US
AndyWeedman Member since 2015 2 posts
Quavo, Inc.
Posted: November 7, 2017
Last activity: November 13, 2017
Closed

Mashup authentication using single id

I have a pega application that users currently access through the standard SAMLAuth authentication service. This works fine for individual users. However, I have a scenario where pega will be running as a mashup in another application. Users of this other application will not be setup as operators in pega. I'd like users coming in from this other application to run under a single system/applicaiton operator that is setup for this purpose. I know that we can send the UserIdentifier and Password as data-pega-action-param-parameters. However, I don't like this option as the id/pass is hardcoded in the html of the hosting application and sent in the clear as a query string parameter.

What suggestions are there to accomplish this? One option I was wondering about is if the application hosting the mashup could get a saml token for a single system/application id and then pass that when calling the mashup and go through the same SAMLAuth auth service as individual users.

Data Integration Security System Administration
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.