Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Authorize applications with the OAuth 2.0 authorization code grant type

Updated on May 3, 2021

Pega Platform™ now supports the OAuth 2.0 authorization code grant type, which allows Pega Platform to act as an OAuth 2.0 access token provider for native applications on mobile and other devices. By using the authorization code grant type for mobile clients, you no longer need to implement a variety of standards for various authentication providers.

The authorization code grant type also supports the Proof Key for Code Exchange standard (PKCE) for securing public clients.

The following figure shows an OAuth 2.0 client registration rule with an authorization code grant type.


OAuth 2.0 client registration rule with authorization code grant type

For more information, see Creating and configuring an OAuth 2.0 client registration.

  • Previous topic Process personal client data securely with client-based access control
  • Next topic Improve your system security by regenerating the master key

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us