Configuring direct authentication against an external OIDC server for Pega Infinity Mobile Client

Increase the security of your application by configuring Pega Infinity Mobile Client to authenticate mobile users directly against an external OpenID Connect (OIDC) identity provider through the OIDC authorization code authentication flow.

In this scenario, users authenticate once against an external identity provider that complies with the OIDC standard. Subsequent access to Pega Platform requires a token that comes from the OAuth 2.0 authorization layer.
Note: If you configure Pega Mobile Client to authenticate directly against an external OIDC identity provider, Pega Platform ignores any setting that you select in the Select authentication service field on the mobile channel configuration page.
Note: Pega Platform does not automatically create IDs for operators when they attempt to log in. Create all potential operator IDs in advance. For more information, see Creating an operator ID.
Before you begin: Learn how external applications access Pega Platform so that you are prepared to configure direct user authentication against an external OIDC server. For more information, see Authenticating requests in services.
  1. Configure the client registration service.
  2. Enable the mobile authentication service.
  3. Prepare and upload the app.properties file.
Result: You can generate the mobile app executable files. For more information, see Generating installation packages.