Support for OAuth 2.0 authorization code grant type
Valid from Pega Version 8.1
Pega Platform™ now supports the OAuth 2.0 authorization code grant type, which allows Pega Platform to act as an OAuth 2.0 access token provider for native applications on mobile and other devices. By using the authorization code grant type for mobile clients, you no longer need to implement a variety of standards for various authentication providers. The authorization code grant type also supports the Proof Key for Code Exchange standard (PKCE) for securing public clients.
For more information, see Creating and configuring an OAuth 2.0 client registration.
Use client-based access control to support EU GDPR requirements
Valid from Pega Version 8.1
You can use client-based access control (CBAC) to satisfy the data privacy requirements of the European Union General Data Protection Regulation (GDPR) and similar regulations. By using client-based access control, you can identify the personal data of clients and automatically process requests to view, update, or remove the data in a secure manner. You can also enforce restrictions on the use of this data in application functions.
For more information, see Client-based access control.
Data pages can source information from a robotic desktop automation
Valid from Pega Version 8.1
You can now configure data pages to source information from robotic desktop automations (RDA). Using an RDA to source a data page allows you to connect your Pega Platform™ application to any application that is accessible from an end-user's desktop. By using automations to retrieve data and load it into a data page, you can use data virtualization to separate your Pega Platform data model from the physical interface of a legacy system against which the automation is running.
For more information, see Obtaining information from robotic automations.
Data encryption support for system data
Valid from Pega Version 8.1
You can now control system-level data security by using data encryption in Pega Platform™. Encryption of system-level data improves the overall security of your system.
For more information, see Configuring the platform cipher and Configuring a keystore for a master key from a custom source.