Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Defining security

Updated on December 21, 2021

Content visibility can be restricted at the taxonomy category level, allowing only privileged users access to the restricted content using search, suggested content, or the top-rated articles sections.

Pega Knowledge User Guide

Assigning access roles in Pega requires visibility to that application using an operator that has privileges for the system administrator role and access to the Pega Knowledge portal. It is a best practice to modify one of your Pega application's System Administrator operator's access group or create a new operator to include the KMPortal. The operator's application rule should also include the PegaKMPortal:08-03 ruleset that is placed above any Pega- rulesets. This operator then has access to both your application and Pega Knowledge, allowing the visibility and assignment of your application's access roles to the taxonomy categories through the Taxonomy editor.

Note: Pega Knowledge provides the CSKMSecurityAdmin access group for assigning security for Pega Customer Service access roles. Pega Customer Service managers with the CAManager access group have full visibility to all Pega Knowledge content, and by design are not restricted by the category security defined in the taxonomy editor. Articles that are linked to service cases by a manager will also be visible to Customer Service CSRs, regardless of the category security restriction. This enables the Pega Customer Service manager complete control on the content their CSRs must view when assisting customers. This is the only exception to the category security access role model. Example: A Pega Customer Service search for an article that is restricted by access role at the taxonomy level will not be displayed in the search results if the CSR does not possess the required access role for that article's category.

Assigning security restrictions is hierarchical, meaning that if a higher level taxonomy category has assigned (one-to-many) access roles, then all its related child categories inherit those roles. Any content assigned to these child taxonomy categories requires that the end user have at least one of the assigned access roles to enable visibility.

If an access role is assigned at a lower (child) level in a taxonomy category hierarchy, with no other access roles assigned above the child, then only content at the level where the access role is assigned would require the user to have that access role. Content linked to taxonomy categories above the child with the access role would not have any visibility restrictions, assuming that no access roles are assigned at the higher levels in that category hierarchy.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us