Authenticating Pega Robot Manager users through Kerberos
Comply with your security policy by configuring Pega Robot Manager operators to use Kerberos to authenticate across multiple applications with a single set of credentials.
Kerberos is an open authentication standard that uses a ticketing system, which provides faster authentication and enables authentication delegation. By using Kerberos, you can dynamically provision operators as they log in to Pega Platform.
To ensure that the communication takes place explicitly over HTTP, you can configure Pega Platform to support Kerberos with third-party SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) libraries, or you can use any other Kerberos validation method to authenticate the traffic to Robot Manager. The following figure provides a Kerberos/SPNEGO authentication mechanism for Robot Manager users:
- Configuring Pega Robot Manager to use Kerberos authentication
Configure the RoboticsSSO service packages in Pega Robot Manager to support Kerberos for robot authentication.
- Selecting the Kerberos method for authenticating Pega Robot Manager users
Determine the Kerberos method for authenticating traffic to Pega Robot Manager by configuring the EnableDefaultKerberosAuthenticationForRobotManger dynamic system setting.
- Updating the robotics configuration files for single sign-on authentication through Kerberos
Update the common configuration settings to authenticate attended robots and package publish requests in Pega Robot Manager through Kerberos.
Previous topic Updating the robotics configuration files for SSO authentication through OAuth with SAML bearer Next topic Configuring Pega Robot Manager to use Kerberos authentication