Custom parameters for OAuth 2.0 ROPC authentication for mobile apps

Learn about the parameters that you must set when you configure user authentication with OAuth 2.0 tokens, using the Resource Owner Password Credentials (ROPC) authentication flow.

The following table lists required settings and explains their meaning:
| Parameter | Description |
|---|---|
| container.authentication.oauth2.authorizationEndpoint | The URL of the authorization endpoint that conforms to the OAuth 2.0 protocol. Pega Mobile Client connects to this endpoint to obtain authorization from the resource owner through user-agent redirection. The setting is required for the "Authorization Code" grant type. |
| container.authentication.oauth2.clientId | An identifier of Pega Mobile Client in the authentication server. The value of this setting must match the corresponding value configured in the authentication server. |
| container.authentication.oauth2.clientSecret | A secret value that is shared between Pega Mobile Client and the authentication server. The value of this setting must match the corresponding value configured in the authentication server. |
| container.authentication.oauth2.grantType | The type of OAuth 2.0 flow that is used to obtain access tokens. It must be set to password. |
| container.authentication.oauth2.scope | A space-separated list of permissions that users must have in order to access Pega Platform. Because Pega Platform needs to determine the identities and email addresses of users, the list must include the "email" and "profile" scopes. Therefore, the minimal valid setting is email profile. |
| container.authentication.oauth2.tokenEndpoint | The URL of the token endpoint that conforms to the OAuth 2.0 protocol. This endpoint is exposed by the authentication server. Pega Mobile Client connects to this endpoint to authorize users who are attempting to access Pega Platform. |
| container.authentication.oauth2.redirectUri | The URI of the endpoint that Pega Mobile Client connects to in order to obtain an authorization code, which can be exchanged for an access token. The setting is required for the "Authorization Code" grant type. |
| container.authentication.oauth2.userInfoEndpoint | A URL address of the authorization endpoint that conforms to the OAuth 2.0 protocol. Pega Mobile Client connects to this endpoint to obtain information about the authenticated user. The setting is required for the "Authorization Code" grant type. |
| container.authentication.oauth2.tokenRevocationEndpoint | A URL address of the authorization endpoint that conforms to the OAuth 2.0 protocol. Pega Mobile Client connects to this endpoint to revoke access or refresh the token. Optional. |
| container.authentication.oauth2.service | The name of the authentication service configured on a Pega Platform server. Optional. |
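
The following added example (not Pega code) checks a set of these parameters against the rules in the table and shows the token request that the ROPC grant produces from them, as defined in RFC 6749 section 4.3.2. The sample values, the function names, the HTTPS check, and the use of HTTP Basic for client authentication are assumptions of this example.

```python
import base64
from urllib.parse import quote_plus, urlencode, urlsplit

PREFIX = "container.authentication.oauth2."
# Settings the ROPC flow itself needs, per the table above.
ROPC_REQUIRED = ("clientId", "clientSecret", "grantType", "scope", "tokenEndpoint")

SAMPLE = {  # constructed values, not taken from the page
    PREFIX + "clientId": "pega-mobile",
    PREFIX + "clientSecret": "example-secret",
    PREFIX + "grantType": "password",
    PREFIX + "scope": "email profile",
    PREFIX + "tokenEndpoint": "https://idp.example.com/oauth2/token",
}

def lint(params):
    """Return a list of problems in a dict of custom parameters (empty if none)."""
    get = lambda name: params.get(PREFIX + name, "").strip()
    problems = [f"{n}: missing" for n in ROPC_REQUIRED if not get(n)]
    if get("grantType") and get("grantType") != "password":
        problems.append("grantType: must be 'password' for ROPC")
    missing = {"email", "profile"} - set(get("scope").split())
    if get("scope") and missing:
        problems.append("scope: lacks " + " ".join(sorted(missing)))
    # Not from the page: RFC 6749 requires TLS on the token endpoint, and in
    # ROPC the user's password travels to it, so reject plain http.
    if get("tokenEndpoint") and urlsplit(get("tokenEndpoint")).scheme != "https":
        problems.append("tokenEndpoint: must use https")
    return problems

def token_request(params, username, password):
    """Build the RFC 6749 section 4.3.2 token request as (url, headers, body).
    Assumption: the client authenticates with HTTP Basic."""
    cid, secret = (quote_plus(params[PREFIX + k]) for k in ("clientId", "clientSecret"))
    basic = base64.b64encode(f"{cid}:{secret}".encode()).decode()
    headers = {"Authorization": "Basic " + basic,
               "Content-Type": "application/x-www-form-urlencoded"}
    body = urlencode({"grant_type": params[PREFIX + "grantType"],
                      "username": username, "password": password,
                      "scope": params[PREFIX + "scope"]})
    return params[PREFIX + "tokenEndpoint"], headers, body

if __name__ == "__main__":
    print(lint(SAMPLE))
    print(token_request(SAMPLE, "alice", "constructed-password")[2])
```

The request body makes the main property of this grant visible: the user's password is sent to the token endpoint in the form body, so that endpoint and the client secret embedded in the app configuration both need to be treated as sensitive.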