Selecting an authentication service

Build safe mobile apps by selecting an authentication source that matches your security requirements. For example, use the default Platform Authentication service to effectively build secure apps that authenticate with Pega Platform credentials.

Before you begin: Ensure that the app uses HTTPS and a trusted SSL certificate.
By default, mobile apps use the OAuth 2.0 authorization code grant flow against the Pega Platform authentication service. The configuration of this framework is automatic when you build an app. Alternatively, you can configure Pega Infinity Mobile Client to use the OIDC authorization code flow directly against an external identity provider. For more information, see Configuring direct authentication against an external OIDC server for Pega Infinity Mobile Client.
  1. In the header of Dev Studio, click the name of the application, and then click Channels and interfaces.
  2. On the Channels & interfaces screen, choose the app for which you want to select an authentication service:
    Choice Actions
    New app In the Create new channel interface section, click Mobile.
    Existing app
    1. In the Current channel interfaces section, click the icon that represents your existing mobile app.
    2. Click Modify build
  3. In the mobile channel interface, on the Configuration tab, expand the Security section.
  4. In the Select authentication source list, select how users authenticate in your mobile app:
    • To display a screen with all enabled authentication services for users to select when they sign in to the app, select User choice.
    • To determine that users sign in to the app with the default authentication service that uses the credentials that are stored in the Pega Platform database, select Platform Authentication.
    • To determine that users sign in to the app with only one of the enabled authentication services, select a specific authentication service.
    Note: Pega Infinity Mobile Client supports the following types of authentication services:
    • OpenID Connect (OIDC)
    • Security Assertion Markup Language (SAML)
    • Basic credentials
    For more information about creating custom authentication services, see Creating an authentication service.
  5. Click Save.