We have DM major relase on the line. One issue I can anticipate is if you implement SSO for your existing DM version with attribute like Access Group ex:PegaDeploymentManager:Admnistrators then same will not holds good in upcoming version. So this might cause discrepency.
Thank you for the information, we will take de dependency into account.
I believe there can be two design solutions:
Configure SSO directly in DM application, but if this can be "removed" by an upgrade of DM application we will need to configure it again.
Create a new application just for configuring access groups and access roles (dependent on the ones used in DM) and SSO in this new app, so if DM is upgraded the configuration and SSO access will remain unchanged.
Create a new application built on DM application, and do as in 2.
Could you be so kind to let me know which solution do you think will be more accurate?
Thanks in advance,
Posted: 1 month ago
Updated: 1 month ago
Posted: 25 Jan 2021 11:06 EST Updated: 25 Jan 2021 11:10 EST
First is logging to DM using SSO configuration with operator ID of Pega platform.
Second is once logged in to DM environment, able to see or take action on pipeline in the portal as DM user.
With current versions of DM only first part is supported where you can configure SSO to use DM provided PegaDeploymentManager:Administrator accessgroup and user will be able to login to DM application.
But DM user will not be created automatically on SSO login and using DMRelaeaseAdmin operator ID you need to create the respective user manually in DM portal, post that he can see the pipelines or take action based on role assigned to him.
In our upcoming version which might get released by this month end or early next month, SSO is fully supported and on configuration of SSO, seamlessly DM user and his privilege will be configured.(you will be given help doc to set up SSO). No manaul creation of DM user.
If you can wait till our next release then you can use seamlessly SSO supported DM. Otherwise you can go ahead with implementation of SSO with PegaDeploymentManager:Administrator accessgroup attribute and you have to change this with relevant access group in SSO when our new DM version gets out which matches your first option out of 3 you mentioned above.
Can you confirm if the new version of DM which has been released recently for Pega 8.5.1 fully supports SSO integration? Once we integrate with SSO and map the operator to PegaDeploymentManager:Administrator accessgroup there is no need to create the user again in DM portal? You did mention that a help doc will be provided for the same. Can you share the details here as well?
Yes if you configure SSO then no need to create user again in DM portal. And help doc will give you step by step guide to configure SSO for seamless usage of DM. Can you please wait for couple of days as this help doc willl be published by next week?