Published Release Notes

BIX performance improvements for CSV output in the Pega Cloud

BIX performance has been enhanced to download up to 25 GB of data per hour for extracts from a BLOB-less class table for CSV output. This high-throughput option is available only for Pega Cloud instances that use a Postgres database. This option is used automatically for these types of extracts.

When this option is used, the –x and –c command-line options for BIX are not supported, and the checkSum field in the manifest summary is not populated. If you need these options, you can revert to the previous implementation by using a setting in the prconfig.xml file.

For more information, see BIX high-throughput data downloads in the Pega Cloud.

Add custom HTTP response headers in your application

The Pega 7 Platform supports the addition of custom security HTTP headers that are supported by your browser. For example, you can now create custom X-Frame-Options, X-XSS-Protection, and Strict-Transport-Security headers. These headers improve the security of your application against client-based attacks.

For more information, see Creating a custom application header. 

Support for encrypted traffic in a cluster

The Pega 7 Platform includes the Ignite platform, which supports encryption for intra-cluster communications. You can now configure encryption for intra-cluster traffic for compliance with regulatory or organizational security requirements.

For more information, see Enabling encrypted traffic between nodes.

Attribute-based access control model

Attribute-based access control (ABAC) is a security authorization model in which access rights are determined through the use of policies and attributes. A policy decision engine in ABAC evaluates digital policies against available data (attributes) to permit or deny access to the requested resource. For example, you can now determine access rights to cases by examining security attribute values assigned to the user and the case.

For more information, see Attribute-based access control.

Chart drilldown capabilities extended to dashboard widgets

When the chart for a report is displayed in a dashboard widget, you now can click any part of the chart to drill down and view the subset of data for that part. This enhancement provides you with an accurate view of the data that determines the report results. Previously, this capability was provided only in the Report Viewer.

Enhancements to exporting report results to Excel

When you export report results to Excel, the .xlsx file that the export process generates is smaller, opens faster, and no longer displays a security warning when you open it. Excel handles more of the formatting, and DateTime, Date, TimeOfDay, and Numeric properties are exported in a format that Excel recognizes. In addition, columns have sorting and filtering enabled by default.

These enhancements are enabled by default and provide improvements to performance and memory usage, especially with large data sets. You can disable this new default behavior by modifying the pyEnableExportToAdvancedExcelFormat when rule. For more information, see Disabling the default functionality for exporting reports to Excel.

Monitor standard and custom security events

From the new Security Event Configuration landing page, you can select the standard and custom security events that you want the Pega 7 Platform to log automatically for every user session. The security events are grouped into the following types:

• Authentication
• Data access
• Security administration
• Custom

The API logCustomEvent() is provided so that you can create custom security events that are specific to your applications and that can be monitored by the Pega 7 Platform. For more information, see Security Event Configuration.

SAML configuration supports global resource settings

In the SAML Authentication Service form, you can now use global resource settings, which allow greater flexibility for values that change compared to using fixed text values. Apply global resource settings, which are dynamic values, in the Identity Provider (IdP) information section and the Service Provider (SP) settings section of the form.

For more information, see Authentication Service form - Completing the SAML 2.0 tab.

Restrict visibility of scalar property values for certain users

You can use the Access Control Policy rule to mask individual scalar property values from specified users. You can restrict visibility for the following property types:

• DateTime
• Integer
• Text

For more information, see Masking property visibility for users.

Disable inactive operators

As a system administrator, you can control access to an application by disabling Operator IDs. To disable an Operator ID, you can use one of the following options in Designer Studio:

• Call the Service REST: user.
• Change settings on the Operator Access tab on the System Settings landing page or on the Security tab on the Operator ID form.
• Define the number of inactive days in the security policies before an Operator ID is automatically disabled.

For more information, see System Settings - Operator Access tab, Enabling Security Policies, Security tab on the Operator ID form.