Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Authentication services

Updated on July 1, 2021

To override or extend the default authentication process, create and configure an authentication service.

You can configure your application to authenticate users by using single sign-on (SSO) and external identity providers. Create an authentication service to configure Pega Platform with one of the following authentication methods:

  • A basic authentication service that validates username and password against the database or an external data source
  • SAML web single sign-on
  • OpenID Connect single sign-on
  • Kerberos sign-on
  • A custom solution that uses none of the above, for example, using a Lightweight Directory Access Protocol (LDAP)-compliant directory server
  • A service that supports activity by guest users, who can be prompted to authenticate themselves partway through a session
  • Token credentials

Default configuration

By default, your system includes a basic authentication service named Platform Authentication. You can save this service with a new name and change it, and you can create any type of authentication service, including the basic type.

The default servlet, PRAuth, provides a unified authentication gateway so that you do not need to edit prweb.xml or restart the server for new authentication services.

For more information on URL patterns and servlet names, see Application URL patterns for various authentication service types.

Security in App Studio

For information about configuring authentication services in App Studio, see: Security in App Studio.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us