Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Attribute-Based Access Control (ABAC)

Updated on January 18, 2021

The Pega Platform offers rules that configure data access control based the values of attributes contained in a transaction. The Attribute-Based Access Control (ABAC) security feature can be used to mask sensitive data such as Tax ID, security question and answers so that only authorized operators can view.

You can restrict the ability of a user to view, modify, and delete instances of classes, or properties within classes. Use attribute-based access control (ABAC) to enforce row-level and column-level security in your application.

Access restrictions are enforced by defining access control policies. Conditions used in access control policies compare attributes in class instances to other information (typically, information about user’s identity, organizational reporting relationships, or other security credentials that might be case-specific).

Two rule types (Access Control Policy and Access Control Policy Condition) are used to define policies for different types of actions (Read, Update, Delete, Discover, PropertyRead, PropertyEncrypt). The rule types compare property values in class instances to clipboard property values.

See Attribute-based access control in the online help for more information.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us