This page describes additional topics relevant to authentication services that are not directly referenced on the rule form.
- Authentication services and rule availability
Authentication services are data instances that are available to all requestors. Authentication services can use rules such as preauthentication activities, data pages, and data transforms that need to be available to the requestor at various times during the authentication process. You make these rules available by defining them in the appropriate rulesets.
- Authentication services and security policies
To improve security in authentication services that support security policies, you select which policies to enable by using the Security policies tab of the authentication service. You define the details of each policy, such as the minimum password length and the duration of a one-time password, on the Security Policies landing page.
- Application URL patterns for various authentication service types
Authentication services other than Custom and Kerberos use the PRAuth servlet by default. However, for backward compatibility with earlier versions of Pega Platform, you can authenticate by explicitly specifying PRServlet in the application URL instead of PRAuth, or by removing the servlet name.