Question

Pega 8.3 OAuth2 / GrantType Password - How to set username/password

Hi,

We (Pega 8.3) plan to invoke a system which requires OAuth2 authentication with grant type password.

I have to create an "Authentication Profile" rule, where I can set username/password. But in those text fields I cannot set values directly. It was requested to have a property reference. Here I would like to use a data page reference. But what is the syntax to query it here, or rather, is it possible?

I also checked the documentation, which is not detailed enough. Please also check the attachment:

Correct Answer
November 19, 2019 - 1:50am

Hi Kevin,

For Pega as an OAuth Provider, user authentication for the ROPC grant type is done in OperatorIdentityMapper.java.

If we don't provide valid username and password, we get the below error:

{
    "errors": [
        {
            "ID": "unauthenticated_user",
            "message": "The user is not authenticated"
        }
    ]
}

For internal users, operator validation is done in the OperatorIdentityMapper class. You could update operator properties through pyCustomIdentityMappingAct.

Thanks,

Rajesh

Comments

November 18, 2019 - 8:19am

Normally it should be a data page name followed by the property name, e.g., D_OAuth2Client.pyUserName. You obviously have to create the DP first. Is that not working for you?

November 18, 2019 - 10:32am
Response to KevinZheng_GCS

Hi Kevin,

I can confirm it is working now.

Andre

November 18, 2019 - 11:00am
Response to KevinZheng_GCS

Hi Kevin,

Honestly, I don't know if it is working, because within Pega itself Password Credential is not working; rather, username/password is not checked if Pega is the server!!!

I checked the code. I also overwrote the code with a log statement, but it is not logging "error".

Please check:

Pega (Consumer) invokes Pega (Provider) with OAuth2 Password Credentials. Pega as Provider does not check credentials.

:-(

Andre

November 19, 2019 - 4:13am
Response to gottr1

Hi,

I can confirm! After revoking the token and setting a wrong password I get this error. Once I corrected the password, it is working.

Andre
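
The check described in the last comment (wrong password must produce the `unauthenticated_user` error, correct password must produce a token), as an added Python example that is not part of the original thread and is not Pega code. The token URL, client id/secret and the sample replies are constructed assumptions; sending the request (for example with `urllib.request.urlopen`) is left to the caller.

```python
import base64
import json
import urllib.parse
import urllib.request

def build_ropc_request(token_url, client_id, client_secret, username, password):
    """Build an RFC 6749 section 4.3.2 token request (grant_type=password)."""
    form = urllib.parse.urlencode(
        {"grant_type": "password", "username": username, "password": password}
    ).encode()
    # RFC 6749 section 2.3.1: form-encode client id and secret before HTTP Basic.
    pair = f"{urllib.parse.quote_plus(client_id)}:{urllib.parse.quote_plus(client_secret)}"
    return urllib.request.Request(
        token_url, data=form, method="POST",
        headers={"Authorization": "Basic " + base64.b64encode(pair.encode()).decode(),
                 "Content-Type": "application/x-www-form-urlencoded"},
    )

def classify_token_response(status, body):
    """Return ('token' | 'rejected' | 'unknown', detail) for a token endpoint reply."""
    try:
        doc = json.loads(body)
    except ValueError:
        return ("unknown", f"HTTP {status}, non-JSON body")
    if not isinstance(doc, dict):
        return ("unknown", f"HTTP {status}")
    if doc.get("access_token"):
        return ("token", str(doc.get("token_type", "")))
    # Error shape quoted in the thread: {"errors": [{"ID": ..., "message": ...}]}
    errors = doc.get("errors")
    if isinstance(errors, list):
        ids = [str(e.get("ID")) for e in errors if isinstance(e, dict)]
        if ids:
            return ("rejected", ",".join(ids))
    # Standard RFC 6749 section 5.2 shape: {"error": "invalid_grant"}
    if "error" in doc:
        return ("rejected", str(doc["error"]))
    return ("unknown", f"HTTP {status}")

def credentials_enforced(wrong_password_reply, right_password_reply):
    """True only if the wrong password is rejected and the right one gets a token."""
    return (classify_token_response(*wrong_password_reply)[0] == "rejected"
            and classify_token_response(*right_password_reply)[0] == "token")

# Constructed (status, body) replies; the first body is the error quoted in the thread,
# the HTTP status codes are assumptions.
REJECTED = (401, '{"errors":[{"ID":"unauthenticated_user","message":"The user is not authenticated"}]}')
ISSUED = (200, '{"access_token":"constructed-token","token_type":"bearer","expires_in":3600}')
```

Run the wrong-password request only after revoking any existing token, as in the comment above, so the rejection reflects the credential check itself.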