Manjunatha HV (ManjuHV)
Founder and Principal Pega Consultant
ManjuHV Member since 2017 4 posts
Posted: January 5, 2018
Last activity: January 10, 2018
Posted: 5 Jan 2018 0:15 EST
Last activity: 10 Jan 2018 21:59 EST

Pega Mashup Security

Dear Team,

We have the following security requirements related to pega mashup. Kindly advise.

1. Separate different URL for Pega mashup - Our pega app server's are in Intranet zone and pega mashup gadget will be embedded in the website which is internet. How do we expose this separate URL using proxy servers ?

2. Session Management and Session time out configs - How do we manage web session (website) and Pega session created using mashup gadget ?

3. Authentication : How do we authenticate the external user from Pega. This user is not a LDAP user or not an operator ID exist in Pega.

4. Pass the Params from Mashup : We need to pass parameters like Member ID etc to create the case in Pega or pull the worklist based on this Member ID. How do we encrypt this Member ID and send to Pega and decrypt at pega side to create a case/pull a case. (Need to be encrypted, as Member ID should not be visible in the HTML source)

5. External user would be attaching a files or creating a case by filling the sensitive data. How do we encrypt and send this information or in other words how do we encrypt for both Inward and outward data ?



Low-Code App Development Security
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.