Skip to main content
Contact a Moderator

Question

3
Replies
173
Views
 Abhisht Sathyanarayana (AbhishtS)
Los Alamos National Laboratory

Los Alamos National Laboratory
US
AbhishtS Member since 2020 4 posts
Los Alamos National Laboratory
Posted: October 10, 2020
Last activity: November 19, 2020
Posted: 10 Oct 2020 16:26 EDT
Last activity: 19 Nov 2020 0:06 EST
Closed

SAML 2.0 Pega API REST Services

Hi, How do we implement SAML 2.0 Authentication on Pega API (to run the REST services)  since we only have three Authentication Types under Service Package: api(Basic, Custom, OAuth)? The Operator already has PegaRULES:PegaAPI as part of their role on the default Access Group and the REST API(s) seem to work fine with Basic Authentication. The Operator has also been updated to enable the option 'Use External Authentication' and the user is able to login to the Developer Portal with the SAML 2.0 auth. Putting the SAML 2.0 Auth Service under the 'Custom' Authentication Type in the Service Package: api didn't work with the REST API(s) either and the SAML Tracer showed no indication that the SAML request was ever made.   Thanks.

Pega Platform 8.4.1 System Administration Other Industry UX Developer
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.
Posted: 1 year ago
Posted: 17 Oct 2020 6:08 EDT
GOPI REDDY ILLURI (GOPIREDDY)
Inovar
Technical Lead
Inovar
SA

I have seen that PEGA itself mentioned that SSO works only with Web. Some one from PEGA expertise team has to comment on this , when we refer the same authentication service from service package , will it work or not.

Configure this SAML authentication service to enable web Single Sign-On (SSO) for your application.

I am exploring things on this. i will let you know if get to know anything.
Posted: 1 year ago
Posted: 26 Oct 2020 12:27 EDT
Sreedhar Kalasapati (Sree Evonsys)
Evonsys
Director - Technology
Evonsys
IN

SAML SSO authentication will work wtih REST API. I did the same in 8.3 and was working fine. Select the authentication type as Custom and give the SAML auth service rule. It should save without any errors. Change the processing mode from Stateless to Statefull. It will work. But the same is not working after upgrading to 8.5.1 version. In latest version, Pega expecting a authentication activity for Cutom type authenticaiton. Seems like something changed from Pega end in new version.
Posted: 1 year ago
Posted: 19 Nov 2020 0:06 EST
Pavan Kumar Ramadugula (ramap2)
PEGA
Product Manager - Application Security
Pegasystems Inc.
IN

SAML 2.0 is vastly used for web SSO primarily aimed at user authentication. REST API on other hand is a async way of accessing application functionality via various channels like web, mobile apps, IoT etc that involves both user and API consumer verification. So OAuth 2.0 is the industry recommended standard to use. To hook up any existing SAML SSO implementation, look into OAuth 2.0 with SAMLBearer grant type. This allows exchange of a SAML 2.0 token for an oauth access token that can be used to access the REST API.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice