How to provide an OAuth authentication for Service REST in PEGA?

In this particular post, we will learn how to provide OAuth authentication for REST service in PEGA. We will use Postman to test the same.

OAuth provides a secure way of data transfer between the applications without revealing the user’s identity or credentials. It is a token-based authentication to access a resource. For example, Google, Facebook, Amazon uses OAuth authentication for their users to provide third-party merchant applications.

Pre-requisites

Step 1: Register as an OAuth Client

In PEGA -> DEV Studio, access the Security -> OAuth Client 2.0 Client Registration records

Create a new client — Click — Create Button

Registring the client as a Local Postman [As testing from Postman in the local machine]

You will see the Client Credentials as below. Click — View & Download button to download the client credentials.

It will download a text file in your downloads folder

Step 2: Verify and update the supported grant types

There are different supported grant types the OAuth authorization server supports. Authorization code, Client Credentials, Password Credentials, SAML bearer and JWT bearer.

For this learning enable — Client Credentials and Password Credentials

Client Credentials: Set the Operator Context or Access Group context

Password Credentials: Provide the default Identify mapping

Save the records

Step 3: Access the OAuth Token in Postman

Access the DX API V2 resource [Access the Service Package — Application]. Verify the Service Package uses the OAuth authentication.

Open Postman — Navigate to Authentication and type as OAuth

Open the downloaded client credentials text file and provide the configuration values as below

Client ID

Client Secret

Access Token URL

Click on the Get New Access Token button

Click on proceed — You will get the Access Token

Click — Use Token — You can see the token populated as Bearer token

Now access the /data_objects resource of DX API V2. You can access the resource which has OAuth authentication.

Woohoo — Congratulations, now you successfully learned how to provide OAuth authentication for Services in PEGA applications.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Sandeep Pamidamarri

Digital Transformation Leader | Pega Lead Solution Architect | Pega Certified Data Scientist | Pega Customer Service | Pega Sales Automation | AWS Cloud