Implementing without IP permit list
Beginning with Workforce Intelligence 8.5 and Pega Robot Runtime 19.1.63, clients can implement Workforce Intelligence without adding their external IP addresses/ranges (IP permit list).
Clients have remote workers and also use a complex network infrastructure (dynamic IP addresses and ranges). These network complexities make it difficult for client network teams to provide the full IP permit list for Workforce Intelligence. Pega provides other ways to secure the portal and data transmission in Workforce Intelligence.
Securing portal access for application users
You can integrate your existing single-sign on (SSO) technology to secure the Workforce Intelligence web portal. Workforce Intelligence application users log on to the web portal using SSO, which adds a layer of security beyond an email address and password. Pega supports SSO through SAML 2.0.
Securing data transmission for data collectors
You can secure Robot Runtime routes, or the API endpoints with which Robot Runtime interacts, by enabling endpoint authorization through OAuth tokens. With this feature, the Robot Runtime endpoints are securely authorized using a client ID and client secret combination for each data collector (user with Robot Runtime installed).
To implement Workforce Intelligence without an IP permit list, Pega needs the client’s approval.
For production go-live, the following tasks are mandatory to secure your implementation:
Approving removal of the IP permit list
- Log in to My Support Portal.
- On the My Support Portal home page, click New request > For something I need.
- On the Create tab, enter the request information:
- In the Request type field, select Other.
- In the Type field, select Robotics and WFI question.
- In the Short description field, enter Approving removal of IP allow-listing restrictions.
In the Primary application field, enter Workforce Intelligence.
In the Deployment field, select Pega Cloud.
In the Environment field, enter Other.
In the Other URL field, enter the URL of your Workforce Intelligence instance (for example, https://xxxx.wfi.pega.com).
- In the Environment type field, select Production.
- Click Continue.
On the Details tab, in the Describe the issue field, enter Remove IP permit list from Workforce Intelligence environment.
- On the Communication preferences tab, review the contact information, and then make any necessary changes or additions.
- Click Finish.
Result: The Workforce Intelligence Service Delivery Team creates an internal ticket with the Pega Cloud team to remove the IP permit list.
Previous topic Requesting access to API endpoints Next topic Rotating the Workforce Intelligence client secret