Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Optional: Defining the security model and organization structure

Updated on January 6, 2022

Define the authorization and authentication strategies for your application.

Pega Knowledge Implementation Guide Pega Knowledge Implementation Guide Pega Knowledge Implementation Guide Pega Knowledge Implementation Guide
Proves to the application that you are who you say you are.
Determines the functions that you can perform in the application. This corresponds to an access group and role configuration.

Security planning involves defining authorization and authentication strategies for your application. It is a best practice to create new access groups and roles that are based on the default access groups and roles that come with the product.

Security planning also involves setting up the organization structure and operator attributes. The application provides security in the form of access settings and denial rules. Many integration rules also incorporate authentication.

For more information about the additional aspects of security, enroll in the Lead System Architect course on Pega Academy.

Authentication schemes

The Pega Platform offers the following authentication types:

Based on passwords in the Operator ID data instances and the login form. This is defined by the HTML @baseclass.Web-Login rule, which your application can override.
Similar to PRBasic, but passes credentials by using Secure Sockets Layer (SSL) with Basic HTTP authentication. The login form is defined by the HTML @baseclass.Web-Login-SecuredBasic rule, which your application can override.
Supports access to an external LDAP directory or a custom authentication scheme.
Supports external assignments (Directed Web Access).
Specifies that the application server in which the Pega Platform is deployed uses JAAS to authenticate users.

Defining your authentication scheme

Your site can use a centralized, automated means of maintaining operator data instead of maintaining it manually in your application.

  1. Discuss the authentication schemes with your site's security and application server teams.
  2. Determine the appropriate authentication type.

    For more information on authentication scheme planning, see Authentication.

Authorization scheme

Pega Knowledge Pega Care Management comes with a predefined set of access groups, roles, and privileges. You can use the application roles as a starting point, but you should create your own application-specific access groups and roles to avoid any future problems when updating.

Other rule types such as sections, flow actions, and activities use roles and privileges to allow access to these rules at run time.

Note: You can review the Pega Knowledge access groups and roles in App Studio.
  • Previous topic Enabling web crawlers to index Pega Knowledge help sites
  • Next topic Configuring troubleshooters for Pega Customer Service

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us