Build safe mobile apps by selecting an authentication source that matches your
security requirements. For example, use the default Platform Authentication service to
effectively build secure apps that authenticate with Pega Platform
credentials.
Before you begin: Ensure that the app uses HTTPS and a trusted SSL
certificate.
By default, mobile apps use the OAuth 2.0 authorization
code grant flow against the Pega Platform authentication service. The
configuration of this framework is automatic when you build an app. Alternatively, you
can configure Pega Infinity Mobile Client to use the OIDC authorization code flow
directly against an external identity provider. For more information, see Configuring direct authentication against an external OIDC server for Pega Infinity Mobile Client.
-
In the navigation panel of
App Studio, click Interfaces.
-
On the Channels & interfaces screen, choose the app
for which you want to select an authentication service:
Choice |
Actions |
New app |
In the Create new channel interface section,
click Mobile. |
Existing app |
- In the Current channel interfaces section,
click the icon that represents your existing mobile app.
- Click Modify build
|
-
In the mobile channel interface, on the Configuration
tab, expand the Security section.
-
In the Select authentication source list, select how
users authenticate in your mobile app:
- To display a screen with all enabled authentication services for users
to select when they sign in to the app, select User
choice.
- To determine that users sign in to the app with the default
authentication service that uses the credentials that are stored in the
Pega Platform database, select Platform
Authentication.
- To determine that users sign in to the app with only one of the enabled
authentication services, select a specific authentication service.
Note: Pega Infinity Mobile Client supports the following types of
authentication services:
- OpenID Connect (OIDC)
- Security Assertion Markup Language (SAML)
- Basic credentials
For more information about creating custom authentication
services, see
Creating an authentication service.
-
Click Save.