MZilly Member since 2016 5 posts
Posted: July 29, 2019
Last activity: September 30, 2019

Open ID Connect Authentication Profile

Hi all,

we are currently implementing OIDC on Pega 8.2.1

The code works and I'm able to log in successfully.
Our requirement is to use the received access token as security header for later calls. This would normally be done by configuring an OAuth Provider and Authentication Profile rule to receive and use an access token.

Considering it is the same IdP it seems like a redundant configuration as I have to maintain client and secret in the Authentication Service and Profile rule and URLs in the Authentication Service and OAuth Provider rule.

How can I use the already available access token in later subsequent interface calls? Unfortunately I can't select my OIDC configuration as Authentication Profile in a Connect Rest rule. I know I could build a workaround saving the access token from the clipboard page AccessTokenPage during log in and work with it subsequently. This seems to go against a possible intended solution though.

Kind regards

Pega Platform Security
Moderation Team has archived post
Share this page LinkedIn