Service Rest Authentication without prompting for user credentials
We are trying to implement the following scenario in our company:
We need to implement Rest Services in PEGA that will be invoked from our company web portal.
An external user will access to our public company portal, the external user will be able to join our company to provide some services. In order to sign into our company, the external user will have to register and his/her credentials will be stored in a IIS web server.
Once the external user is registered in IIS, the user will have access to his/her private area in the web portal. From his/her private area, the user could launch some Pega processes or case types through Rest Services.
My question is: is there any way to authenticate the user for the Rest Service invocation without prompting the user to enter his/her credentials?. We do not want to use "Basic Authentication" in the Service Package ("Require Authentication check box) as a pop up browser window will be displayed prompting user to enter his/her credentials (we do not want it), we cannot use SSO custom authentication as the production environment is in Cloud and we do not have VPN connection enabled yet therefore SSO is discarded for us.
I am investigating whether we can use OUTH 2.0 authentication type or Custom authentication type in our Service Package would fit our requirements.
Basically we want to authenticate the the user accessing the Service Rest resources in PEGA but without displaying a pop browser window to enter his/her credentials?
Any idea on how to achieve this will be of much help.