Security tab of the Application Definition
Use this tab to define security settings in your application, map authentication services, and enable content, mashups, and digital messaging security.
Application Definition
To view the Application Definition, in the header ofDev Studio, click your application name, and then click Definition.
Security Tab
The Application Definition contains seven tabs, including the Security tab. To view the Security tab, in the header of Dev Studio, click your application name, and then click
.The Security tab contains the following sections: Application security, Authentication, Content security, Mashup security and Digital Messaging security.
Application security
Application security has one setting: the Require password to update application check box, which should be selected when creating an application. The Require password to update application check box should remain selected.
Select the Require password to update application check box if you want to change or update the password that users must enter when updating the application, and then click Update password to set the password.
For more information, see Setting your application password.
The following figure shows the Application security section:
Authentication
Authentication services are new to Pega Platform. Users with the pzAdvancedSecurityUser privilege can map authentication services to an application. By default, the PegaRULES:SecurityAdministrator includes the pzAdvancedSecurityUser privilege.
By mapping an authentication service, a security administrator can define the authentication service mechanism that users use to log in to an application. Administrators can also create a default login mechanism and interactive screen the user selects an authentication service to login.
The Authentication section changes depending on whether you have already mapped authentication services.
The following figure shows the Authentication section for a system that does not have any mapped authentication services:
The following figure shows the Authentication section for a system that already has mapped authentication services:
For more information, see Mapping authentication services in Dev Studio.
You can also map authentication services in App Studio, without using the Application Definition. For more information, see Mapping authentication services in App Studio.
Content security
The content security policy (CSP) is a set of directives that inform the user's browser of locations from which an application is allowed to load resources, such as fonts, images, and style sheets.
Use the Policy name field to select the content security policy. You can configure this content security policy directly from this page by clicking the configure icon after you select the policy.
Use the Mode setting to specify what the browser does when a
policy is violated:
Mode | System behavior |
Reject and Report | Enforce the policy and report the violation. |
Report Only | Report the violation, but do not enforce the policy. |
The following figure shows the Content security section:
For more information, see:
Mashup security
Mashup security is used to define the external URLs that are allowed to access Pega Platform so that the host page can communicate with the mashup gadget, if you use the mashup feature to embed Pega Platform content in an external application. This feature functions, in part, as an allow list.
The following figure shows the Mashup security section:
For more information, see Securing your application for mashup communication.
Digital Messaging security
This security feature is used to set up messaging platforms for Pega Intelligent Virtual Assistant (IVA) for Digital Messaging. To start using Digital Messaging, you must configure and define the security settings for the channel and the system. Examples of messaging platforms that are useable by the IVA include Apple Business Chat, Facebook Messenger, MMS/SMS (Twilio), Twitter, and WhatsApp Messenger.
The following figure shows the Digital Messaging security section:
For more information, see Configuring Digital Messaging channel security.
Previous topic Setting your application password Next topic Specifying the content of application documentation