Authenticating with OAuth 2.0
To send data records to and from your application by using OAuth 2.0 credentials, configure an OAuth 2.0 profile.
- In the Authentication section of the Data Object wizard, in the Authentication scheme field, select OAuth2.0.
-
In the Provider field, select the external application
for Pega Platform to connect to, or select Create new and
perform the following steps to create a provider.
- In the Provider name field, enter the name of the provider.
- Click the gear icon.
- In the Name field, enter the name of the provider.
- In the Authorization code endpoint field, enter the authorization code endpoint URL that is specified in the API guide of the application that you want to connect to.
- In the Access token endpoint field, enter the access token URL that is specified in the API guide of the application that you want to connect to.
- In the Revoke token endpoint field, enter the revoke token URL that is specified in the API guide of the application that you want to connect to.
-
In the Send client credentials as section,
select how to send the client credentials.
- Basic – Send the client credentials (client ID and client secret) to the external application as a part of the authorization header.
- Post – Send the client credentials in the body of the POST request.
-
In the Send access token as section, select how
to send the access token to the external application.
- Authorization header
- Query string parameter
- Click Submit.
- In the Grant type field, select the grant type for the provider, client credentials or authorization code.
- In the Client identifier field, enter the client ID that is provided by the external application.
- In the Client secret field, enter the client secret that is provided by the external application.
- In the Redirect URL field, enter a URL to specify the target endpoint to redirect to an application.
- In the Scope field, enter the scope as specified in the API guide of the external application and that is configured for this client.
-
To provide additional parameters that might be required by your OAuth 2.0
provider, in the Additional endpoint parameters section,
click Add parameter and enter a
Name and Value in the
following subsections:
- Authorization code
- Access token
- Revoke token
- Refresh token
Note: For more information about authentication profiles, see Authentication profiles