Pega Web Mashup enables you to embed Pega application content or functionality within a web page or mobile application on your intranet or internet site, for users to view on any device. This allows business users to access your Pega Platform™ application through familiar sites and devices, such as the home page of a company portal or a client-facing web app. By embedding a mashup, you can combine user interfaces without creating and managing a separate application or interface. Mashups generated by Pega Web Mashup provide the same rich application experience users normally have in a Pega Platform application.
Creating a Pega Web Mashup
You can create a Pega Web Mashup in either App Studio or Dev Studio and deploy it to leverage the security and user interface features of Pega Platform™. To open a channel between the host site and the Pega Platform™ application, configure the application permissions by specifying a list of trusted domains in the Pega Application rule. Common actions that can be defined inside a mashup include opening a new case, displaying a user's worklist, and selecting and performing an assignment.
Methods to Create a Pega Web Mashup
Method 1: Generate Mashup Code
In Dev Studio, go to Case Type -> Settings -> Integration -> Generate Mashup Code -> Generate Code.
Copy and embed the generated HTML code into an HTML page.
Method 2: Create a New Mashup Channel Interface
In App Studio or Dev Studio, click on the down arrow next to Application -> Channel and Interfaces.
Click on "Create a new Mashup channel interface."
In the Mashup channel interface, select the actions to be performed, such as creating a case, displaying a page, getting next work, opening an assignment, opening a case by ID, opening a case by handle, or opening a case by URL.
Select the case type to be embedded in the Mashup.
Mention the thread name.6. Click on "Generate mashup code" once the desired options are selected.
Data Exchange through Pega Web Mashup
When adding Pega Web Mashup to a web page, you can configure the mashup gadget to read data from the web page and send data to the hosting page or another mashup gadget. Pega Web Mashup supports three options for passing data to or from a Pega Platform application:
Data Attribute: Use the `data-pega-event-onpagedata` attribute to specify the default value for the gadget.
JavaScript Function: Use the `doAction()` function to set or read data values from the web page hosting the gadget, such as by clicking a button. Call the `doAction()` function using the syntax: `pega.web.api.doAction([gadgetname],[action],[parameters])`.
Action Object: Configure the Action object to perform additional actions on a web mashup gadget or to interact with another gadget. Set the action object as a script in the gadget DIV tag and specify the attributes and parameters as required.
Pega Web Mashup Authentication
The system must authenticate the user before displaying the application mashup on the external web page. Similar to an SSO configuration, a third-party authentication module manages the authentication of Pega Web Mashup users. The standard IACAuthentication activity extracts values from HTTP headers in the request to identify an authenticated Pega Platform™ operator ID. The activity uses the operator's identifier to verify that the user is in the system. The third-party authentication module typically provides this operator information.
The IACAuthentication activity requires the HTTP request to provide the following information to create an Operator ID:
`pyuseridentifier` – Operator's identifier
`pyusername` – Operator's full name
`pyorganization` – Operator’s organization name
`pyorgdivision` – Operator’s division name
`pyorgunit` – Operator’s organization unit name
Pega Mashup Best Practices
To reduce application issues and save time troubleshooting, consider the following best practices:
Ensure that the web mashup you embed in your web page matches the Pega Platform software version that your application uses.
Avoid loading your mashup with document types that your browser cannot support. For example, most browsers do not support the XHTML Strict doctype.
Configure cross-site request forgery (CSRF) settings: - Enable SameSite cookies. - Add the domains where the mashup scripts are embedded.
Enable encryption by adding input parameters, such as the trusted URLs in the mashup channel, and then turning on the Use encryption switch.
Configure more advanced security with Pega Web API. For example, to pass custom parameters or dynamic parameters from the host page, use the following `pega.web.api.setAuthenticationParameters` API before the system loads the mashup on the web page.
By following these guidelines, you can ensure a secure and efficient implementation of Pega Web Mashup, providing a seamless and integrated user experience across your applications.
-Team Enigma Metaverse
Comments