Implementing the security model and organization structure
Define the authorization and authentication strategies for your application.
- Authentication
- Proves to the application that you are who you say you are.
- Authorization
- Determines the functions that you can perform in the application. This corresponds to an access group and role configuration.
Security planning involves defining authorization and authentication strategies for your application. It is a best practice to create new access groups and roles that are based on the default access groups and roles that come with the product.
Security planning also involves setting up the organization structure and operator attributes. The application provides security in the form of access settings and denial rules. Many integration rules also incorporate authentication.
For more information about the additional aspects of security, enroll in the Lead System Architect course on Pega Academy.
- Authentication schemes
The Pega Platform offers the following authentication types:
- Implementing your authentication scheme
Your site can use a centralized, automated means of maintaining operator data instead of maintaining it manually in your application.
- Defining your access groups
Define the access groups that you want to add to your application.
- Defining access roles and privileges
You can associate one or more roles with an access group. Roles are additive. The more roles that you add to an access group, the more authorization there is. Privileges can be associated with one or more roles.
- Configuring work groups
A work group determines which work queues you can access.
- Configuring work queues
A work queue is a queue of open assignments in the application.
Previous topic Specifying delivery time frames Next topic Authentication schemes