Question

2
Replies
709
Views
JeremyR4 Member since 2019 14 posts
Segue Technologies Inc
Posted: May 6, 2019
Last activity: May 9, 2019
Closed
Solved

Pega Platform 8.2 External Authentication allows users to enter any password

Hello,

We recently came across an issue that went unnoticed when we first set up our Pega Platform 8.2 instance. Any configured user at the moment can enter any password and access the application. We have set up a custom authentication service which utilizes external authentication to allow users to use their internal password rather than having to create one. For example, users are configured to have the userid <lastname><firstinitial> and use their internal password. I believe this is happening due to the way the authentication service was configured but I am unable to find the where it was stored once configured. Any idea on where this configuration was stored? Thanks.

***Edited by Moderator Marissa to update platform capability tags****

Pega Platform Security
Moderation Team has archived post
Share this page LinkedIn