Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

OAuth 2.0 client registrations

Updated on March 15, 2022

The OAuth 2.0 protocol allows mobile native applications and external applications such as Facebook and Google to communicate securely with Pega Platform over HTTPS. You define OAuth 2.0 client registration data instances to allow external applications to access Pega Platform REST services by using access tokens.

An OAuth 2.0 client data instance is an external application that requests access to Pega Platform. When Pega Platform and the client use OAuth 2.0, they negotiate a token that allows the client to access Pega Platform for a defined period.

The grant types supported by Pega Platform OAuth 2.0 clients are authorization code, client credentials, password credentials, Security Assertion Markup Language (SAML) bearer assertion, and JSON Web Tokens (JWT) bearer assertion. You can use these grant types alone or in combination with each other.

Note: Use OAuth 2.0 to protect the REST services for which the consumer is an application and not an individual user. For example, if an insurance company wants to create new claims adjustment cases, the insurance application can make Pega API REST calls to create the cases. If the Pega API REST services are protected by OAuth 2.0, the client application developer registers the client and uses an access token to make Pega API REST calls. Pega Platform authorizes the application by using the operator ID that is associated with the client during registration, not the operator ID that is associated with the developer.
  • Previous topic Setting up an OAuth 2.0 client registration
  • Next topic Creating and configuring an OAuth 2.0 client registration

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us