Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Setting up an OAuth 2.0 client registration

Updated on July 1, 2021

Configure an OAuth 2.0 client registration data instance to allow an external application or mobile native application to access Pega Platform REST services over HTTPS.

Pega Platform can act as both an OAuth 2.0 provider and an OAuth 2.0 client when you use the client credentials grant type. In this grant type, a Pega application can get an access token for its own account, unrelated to a specific user.

To use OAuth 2.0 to protect your REST services, select OAuth 2.0 as the Authentication type in the service package to which the REST services belong. For more information, see Service Package form - Completing the Context tab.

Note: Pega Platform does not support the optional scope parameter that is a part of the OAuth 2.0 specification for endpoints other than Userinfo. The default access group for the OAuth 2.0 operator is the default scope.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us