Lloyds Banking Group PLC

Lloyds Banking Group PLC
LEELABIRAMS6337 Member since 2017 22 posts
Lloyds Banking Group PLC
Posted: March 13, 2019
Last activity: July 10, 2019
Posted: 13 Mar 2019 6:56 EDT
Last activity: 10 Jul 2019 3:29 EDT

Mutual Auth for services exposed from PEGA

v7.3.1 | WAS 8.5.5

Our PEGA application exposes a number of services to other non-PEGA applications to consume and basic authentication has been used for auth wherein the calling application passes the user identifier and password to the service.

However, our security requirement suggests we would be better of using mutual auth for this and we would like to know if there would be any challenges in achieving this.

My simple understanding of this was -

Store both the client and service provider certificates of both the applications involved in their corresponding servers and enable the "Require TLS/SSL for REST services in this package" setting in the service package.

Guidance from anyone who has done this before would be appreciated.

Pega Platform Data Integration
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.