OAuth 2.0 providers
OAuth 2.0 is a protocol that allows Pega Platform to communicate securely with external applications such as Facebook, and Google over HTTPS. You define OAuth 2.0 provider data instances to allow Pega Platform to access protected external resources by using access tokens.
An OAuth 2.0 provider data instance is an external application that Pega Platform connects to. When using OAuth 2.0, Pega Platform and the provider negotiate a token that allows Pega Platform to access the external application for a defined period.
The grant types supported by Pega Platform OAuth 2.0 providers are client credentials, authorization code, and password credentials. You can use these grant types alone or in combination with each other.
With the client credentials grant type, you obtain client credentials from the external application that you want to connect to. These credentials are then used to generate an access token that allows you to access protected resources in the external application for a defined period. This grant type is used when the OAuth 2.0 consumer is an application and not an individual operator or user.
With the authorization code grant type, your application submits an authorization code request to the external application that you want to connect to. The authorization server of the external application validates the credentials in the request, and then authenticates you via your user credentials to produce an authorization code. You can use the code to generate an access token, which allows access to your protected resources on the external application. This grant type is used when your application does not have a trusted relationship with the API provider. For example, you can connect to Facebook from your Pega Platform application to access your photos.
With the password credentials grant type, your application exchanges your user credentials for an access token. This grant type is used when your application has a trusted relationship with the API provider or when other authorization grants are not supported.
Create an OAuth 2.0 Provider data instance to allow your application to securely access web service APIs. Each external application handles the OAuth 2.0 protocol in its own way. For more information, see the API guide for the application that you want to work with.