Links may not function; however, this content may be relevant to outdated versions of the product.
Customizing login screens for your Pega application
+
This content applies to On-premises, Client-managed cloud and Pega Cloud environments
Your Pega application uses several rules that correspond to each screen accessed by unauthenticated operators (users who have not logged in). Pega Platform™ allows you to customize these screens—including the login screen, authentication screen, logout screen, and other screens—through their source HTML and custom cascading style sheets (CSS).
You might want to edit your application login screen to display a new logo or background image for your application, to maintain design consistency according to your enterprise style guide, or to change the single sign-on button appearance.
Before you begin
If you have not yet done so, create an authentication service. Your application requires an authentication service for users to securely log in. For more information, see Creating an authentication service.
Configuring a Browser requestor type
After you create an authentication service, you must associate a Browser requestor and Pega application with an unauthenticated Access Group and ruleset to synchronize customizations of your login screens with your application by performing the following tasks:
- Create a new system (on-premises only).
- Associate the system with the Browser requestor (on-premises only).
- Create an Access Group to associate with the Browser requestor.
- Create an unauthenticated ruleset.
- Include the unauthenticated ruleset in your Access Group.
- Adding the ruleset stack to your application.
- Update the Browser requestor type.
Creating a new system (on-premises only)
Create a system to later associate with the Browser requestor. The system identifies a single instance of your Pega Platform occurrence for your unauthenticated operators to access.
- In the navigation header of Dev Studio, click Create > SysAdmin > System.
- In the Create System rule form, enter a short description and a system name.
- Note the system name for future use.
- Click Create and Open.
- Click Save.
Associating the system with the Browser requestor (on-premises only)
Create a new dynamic system setting that associates the new system with the Browser requestor.
- In the navigation pane of Dev Studio, click Records > SysAdmin > Dynamic System Settings.
- In the Setting Purpose column, click the Search icon (▼).
- In the Search Text field, enter prconfig/identification/systemName/default.
- Click Apply.
- Click the resulting row.
- In the Value field, associate the requestor with the system that you created by entering the new system name.
- Restart the application server.
Creating an Access Group to associate with the Browser requestor
Save a copy of the PRPC:Unauthenticated Access Group to maintain its roles for unauthenticated operators.
- In the navigation pane of Dev Studio, click Records > Security > Access Group.
- In the Access Group Name column, click the Search icon (▼).
- In the Search Text field, enter PRPC:Unauthenticated.
Click the resulting row.
In the rule form header, select the list next to the Save button.
Click Save As.
In the Save Access Group As form, enter a short description and a name for the Access Group.
- Click Create and Open.
- In the Application section of the Access Group rule form, enter the following information:
- The name of the application that you want to customize.
- The version of the application that you want to customize.
- In the Available portals section, select the portal for which you want to customize the login screen HTML and CSS.
- Click Save.
Creating an unauthenticated ruleset
Create a ruleset for an unauthenticated operator to access the Browser requestor session used by the login screens.
- In the navigation pane of Dev Studio, click Records > SysAdmin > Ruleset.
- In the Create Ruleset Version field, enter the following information:
- A ruleset name. Include a hyphen (-) and unauthenticated after the ruleset name, for example: <
rulesetname>-unauthenticated - The ruleset version, for example:
01-01-01 - A description for the ruleset.
- A ruleset name. Include a hyphen (-) and unauthenticated after the ruleset name, for example: <
- Note the unauthenticated ruleset name and version for future use.
- Click Create, then click Save.
Including the unauthenticated ruleset in your Access Group
Add the unauthenticated ruleset that you created to the unauthenticated Access Group.
- In the navigation tabs of Dev Studio, select your unauthenticated Access Group.
- In the Run time configuration setting section, in Production Rulesets, add the ruleset that you created.
Adding the ruleset stack to your current application
Add the unauthenticated ruleset that contains the unauthenticated Access Group and its composite roles to your application.
- In the navigation header of Dev Studio, select Configure > Application > Structure > Ruleset Stack.
- Select the application for which you want to edit the web login HTML and CSS.
- Click Add ruleset.
- Add the unauthenticated ruleset that you created to associate with the Browser requestor.
- Click Save.
Updating the Browser requestor type
Update the Browser requestor to use the unauthenticated Access Group:
- In the navigation header of Dev Studio, select Configure > System > General > Requestors.
- In the Requestors list, select the Browser requestor that is associated with the system that you created.
- In the Access Group Name field, enter the Access Group that you created.
- Click Save.
You associated the Browser requestor with the Pega application and its unauthenticated ruleset, and can now customize the login screens for unauthenticated operators.
Editing the source markup language to customize the login screens
Your Pega application uses several rules that form the source markup HTML and CSS of your login screens. To customize these login screens, you can add your own HTML structure, CSS elements, or background images to the source fields in each of their respective HTML and Text rules.
You can edit the source markup language by completing the following tasks:
- Edit the source HTML of your login screens
- Edit the CSS of your login screens
- Add a new background image to your login screens
HTML rules containing source HTML for login screens
If you want to edit the source HTML of your login screens, open the HTML rules your Pega application uses, then edit the source HTML. HTML rules containing your login screen source HTML include the following items:
| Rule name | Description |
| Web-Login | HTML rule used for the login screen for an unauthenticated operator session. Used by the /prWeb/ servlet. Prompts users for login ID and password. |
| Web-Login-LDAPAuth | HTML rule used for the LDAP login screen for an unauthenticated operator session. Prompts user for LDAP login ID and passwords. |
| pyDisplayAuthScreenSelector | HTML rule used for an authentication screen for an unauthenticated operator session. Used by the /PRAuth/ servlet. Requests users for an identity provider (IDP) for single sign-on. If users select a third-party IDP on this screen (such as Google), the user redirects to an IDP login screen not managed by Pega. Prompts users for login ID, password, and single sign-on credentials. |
| pyForgotPassword | HTML rule used for the session Forgot Password screen. |
Editing the source HTML of your login screen
Customize the HTML of your login screen.
- In the navigation pane in Dev Studio, open the existing HTML rule by clicking Records > Technical > HTML.
- In the Stream name column, click the Search icon (▼).
- In the Search Text field, enter the rule name of the login screen that you want to edit.
- Click Apply.
- Click the resulting row.
Pega Platform displays the HTML rule form. - In the Generate For list, select whether your customized login screen uses HTML directives or JavaServer screen (JSP) tags.
- In the Browser Support list, select whether Modern browsers or Microsoft Internet Explorer only (IE only) support your customized login screen.
- In the Accessibility list, tag whether your customized login screens meet your requirements when calculating the application Accessibility compliance report.
For more about Accessibility compliance reports, see Using the Accessibility report. - In the HTML source field, enter your customized login screen HTML.
- (Optional) If your customized login references to clipboard pages, click the Pages and Classes tab.
- (Optional) Enter the required clipboard pages and the classes to which they belong.
- Click Save.
The customized HTML of your login screen is built into your application instance of Pega-Engine. - Click Check-in to add changes to the unauthenticated ruleset you created.
- In the Actions list, select Preview.
Confirm that the login screen reflects your customized HTML.
For more information about HTML rules, see About HTML rules.
Text rules containing source CSS for login screens
Your Pega application uses the following Text rules to form the login screen.
| Rule name | Description |
| webweb.pychangepassword.css | CSS for the pyForgotPassword HTML. |
| py-login-screen | CSS for the Web-Login, Web-login-LDAP, and pyDisplayAuthScreenSelector HTML. |
| py-login-screen-auth-providers | CSS for the authentication IDP buttons in the pyDisplayAuthScreenSelector HTML. |
Editing the CSS of your login screen
Edit these Text rules to customize the CSS of your login screens.
- In the navigation pane in Dev Studio, open the existing Pega login Text rule by clicking Records > Technical > Text.
- In the Stream name column, click the search icon (▼).
- In the Search Text field, enter the rule name of the login screen or IDP button you want to edit.
- Click Apply.
- Click the resulting row.
Pega Platform displays the associated CSS file. - In the CSS field, enter your customized login screen CSS, or upload a new CSS file.
- Click Save.
The customized HTML of your login screen is built into your application instance of Pega-Engine. - Click Check-in to add changes to the unauthenticated Pega ruleset you created.
Confirm that the login screen reflects your customized CSS.
Adding a new background image to your login screen
You can integrate a custom background image into your Pega application login screen HTML through a binary file.
- In the navigation header of Dev Studio, select Create > Technical > Binary File.
Pega Platform displays the Binary File Record Configuration form. - Complete the configuration form:
- In the Label field, enter a unique label for the image.
- In the App Name (Directory) field, enter
webwb. - In the File Type (extension) field, enter the Windows extension (for example, png, jpeg) for the file you want to upload to the binary file. Do not include a period.
- In the Context section, select the application that contains your unauthenticated ruleset.
- In the Add to ruleset list, select the unauthenticated ruleset that you created.
- Click Create and open to display the Binary File rule form.
- Click Upload file to open the file browser.
- Click Save.
In the Image details section, Pega Platform displays the file that you uploaded and its dimensions. - Note the dimensions of the image for future use in the CSS file.
- In the navigation pane of Dev Studio, select Records > Technical > Text File.
- In the File Name column, click the Search icon (▼).
- In the search text field, enter the Text rule that contains the CSS of the login screen you want to customize with the image as a background.
For more information, see Text login rules. - Click Apply.
- Click the resulting row.
- Press CTRL + F and enter the following text:
body { - In the
background-imageelement, replace the existing values with the image name and extension in the following format:url(image_name.extension); Below the
background-imageelement, enter a background-size element with the dimensions of the image for width and height in pixels (px),for example:background-size: widthpx heightpx;
- Click Check-in to add changes to the unauthenticated ruleset that you created.
- Confirm that the background image appears correctly on your background for the selected login screen.