Apply authentication methods to ensure that only users and systems with a verified identity can access your applications, web pages, APIs, and data. Authentication includes verifying user credentials, Pega Platform requests to external services, and external service requests to Pega Platform. You can also authenticate by using an external identity provider.
For more information about Pega authentication methods, see: Authentication.
For more information about creating Pega authentication methods, see: Authentication profiles.
How to identify
The rows in the output report from the Pega Cloud Readiness Tool are:
Area: Security and Authentication
Rule Type: Data-Admin-Security-AuthenticationProfile
How to modernize
Pega Platform supports several protocols for user logins for modern Pega applications. The most commonly used protocols are:
- Basic credentials
- SAML 2.0
- OpenID Connect
- Token credentials
For more information, see: Authentication.
NOTE: The Authentication article states that Microsoft Active Directory (AD) is supported for SAML 2.0. Use it with Active Directory Federated Services (ADFS) to provide single sign-on access. For more information, see Creating a SAML SSO authentication service in App Studio.
You can customize authentication services to use information that is stored within the identity provider to determine the user's roles and privileges in Pega Platform. There are three options for connecting to Pega Cloud:
- Internet only
- Private connection only
- Internet plus private connection
For more information, see Networking details for your Pega Cloud environments.
Pega encourages clients to use web services like REST/SOAP that travel over the encrypted internet (HTTPS). This does not require a private connection and is still secure.
Pega Cloud supports several connectivity options to manage public and private network traffic between your Pega Cloud environment and your enterprise network while fulfilling your network security requirements.
Pega offers Pega Cloud® Secure Connect to enable connectivity between your users and systems and Pega Cloud with options beyond public Internet access.
For more information, see Pega Cloud Secure Connect: your access to Pega Cloud.