Configuring the client registration for Pega Mobile Client authentication against an external OIDC server
Configure client registration to increase the security of your application by enabling authentication against an external OpenID Connect (OIDC) identity provider (IdP) for Pega Mobile Client.
1. In the header of Dev Studio, click .
2. On the Create OAuth 2.0 Client Registration screen, enter the name and a short description of the client, and then click Create and open.
3. In the Client credentials section, select Confidential.
4. Click View & download, and then download the text file with client registration parameters by clicking Download credentials.
5. In the Supported grant types section, clear any selected options, and then select the JWT bearer check box.
6. In the Identity mapping box, specify the identity mapping:
   - To use an existing identity mapping data instance, in the list of entries, select a JSON Web Token identity mapping instance, and then go to step 12.
   - To create a new identity mapping data instance, click the Open icon.
7. On the Create Identity Mapping screen, enter the name and a short description of the identity mapping instance, and then click Create and open.
8. In the Token processing profile field, specify the profile for validating the token:
   - To use an existing token processing profile, in the list of instances, select an existing JSON Web Token token processing profile, and then go to step 11.
   - To create a new token processing profile, click the Open icon.
9. On the token processing profile configuration screen, in the Claims validation section, define the validation parameters:
   - In the Issuer (iss) field, enter the address of an external OIDC authentication server.
   - In the Audience (aud) field, enter the Client ID value that you obtain from the OIDC authentication server.
10. On the token processing profile configuration screen, save the token processing profile by clicking Save.
11. On the identity mapping profile configuration screen, save the identity mapping by clicking Save.
12. On the client registration configuration screen, save the client registration by clicking Save.
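
The Issuer (iss) and Audience (aud) values entered in the token processing profile have to agree with what the IdP actually places in its tokens. The following added example (not Pega code and not part of the original documentation) decodes a token obtained from the IdP in a test environment and reports mismatches against the planned field values. It assumes exact string comparison as in RFC 7519 and OIDC Core; the issuer URL, client ID and sample token are constructed placeholders.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict:
    """Return the payload claims of a compact JWT WITHOUT verifying the signature.
    Diagnostic use only: never treat this output as an authenticated identity."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    return json.loads(b64url_decode(parts[1]))


def profile_mismatches(claims: dict, issuer: str, audience: str) -> list:
    """Compare token claims with the values planned for the iss and aud fields."""
    problems = []
    iss = claims.get("iss")
    if iss is None:
        problems.append("token has no iss claim")
    elif iss != issuer:
        same_but_slash = iss.rstrip("/") == issuer.rstrip("/")
        hint = " (differs only by a trailing slash)" if same_but_slash else ""
        problems.append(f"iss {iss!r} != configured {issuer!r}{hint}")
    aud = claims.get("aud")
    # RFC 7519: aud is either a single string or an array of strings.
    audiences = [aud] if isinstance(aud, str) else list(aud or [])
    if audience not in audiences:
        problems.append(f"configured audience {audience!r} not in token aud {audiences!r}")
    return problems


def make_sample_token(claims: dict) -> str:
    # Constructed, unsigned sample so the example runs offline.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.c2ln"


# Constructed sample: hypothetical issuer and client ID, not real values.
SAMPLE = make_sample_token(
    {"iss": "https://idp.example.com/", "aud": ["pega-mobile-client-id"], "sub": "user1"})

if __name__ == "__main__":
    planned = ("https://idp.example.com", "pega-mobile-client-id")
    for line in profile_mismatches(decode_claims(SAMPLE), *planned):
        print(line)
```

Run it against a token from a non-production IdP tenant; the decode step skips signature verification, so its output is only a configuration aid.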