Integrated Application Security Checklist helps you deploy a secure application
Valid from Pega Version 7.3.1
Pega® Platform now provides an Application Security Checklist that you can refer to when you prepare your application for deployment. By completing the recommended tasks in this checklist, you can track your progress, access instructional information for tasks, and verify that your configurations are secure.
For more information, see Preparing your application for secure deployment, Compliance Score tab, Designer Studio — Home page.
Encrypt sensitive case data by using a secure default Pega Platform cipher and AWS KMS keys
Valid from Pega Version 7.3.1
You can encrypt sensitive data within your application without having to write custom cipher classes. You can configure encryption on the Data Encryption landing page by using your own keys managed in your private Amazon Web Services Key Management Service (AWS KMS) instance. Pega® Platform encryption uses keys that are stored in AWS KMS to support both time-based and on-demand key rotation. Technical issues can arise in some cases, for example, if a key is deleted from AWS KMS.
For more information, see Potential problems with keystores when using AWS KMS, Configuring a Platform cipher, Types of ciphers.
REST services support password credentials and JWT Bearer grant types
Valid from Pega Version 7.3.1
Pega® Platform REST services now support password credentials and the JWT (JSON Web Token) Bearer grant type when you enable OAuth 2.0-based authentication. By using password credentials, you can quickly migrate clients from direct authentication schemes, provide additional flexibility when other grants are not available, and integrate your application with REST services in other applications. You can add compatibility with modern JWT-based cloud security IDPs by using the JWT Bearer grant type.
For more information, see About OAuth 2.0 Provider data instances, OAuth 2.0 Client Registration data instances - Completing the Client Information tab, Creating an Identity Mapping data instance.
Support for the decisioning-enabled NLP text analyzer in IVAs and Email Bots
Valid from Pega Version 8.3
You can now use the new intelligent natural language processing (iNLP) text analyzer in Pega Intelligent Virtual Assistants™ (IVAs) and Pega Email Bots™. This advanced text analyzer is decisioning-enabled and empowers IVA or Email Bot for all conversational channels to provide smarter responses. The decisioning capability in the system integrates text analytics with strategies, prepositions, and interaction history, to provide the context for making better next-best-action decisions.
For more information, see Use the decisioning-enabled NLP text analyzer in IVAs and Email Bots, Defining advanced Facebook text analyzer configuration and Facebook channel behavior.
Upgrade impact
Existing channels remain with the current configuration, and their current functionality does not change. Channels created after the upgrade automatically use the new text analyzer.
What steps are required to update the application to be compatible with this change?
The new text analyzer is enabled or disabled using a new interactive API (iAPI) selection, which is selected by default for new channels. You can disable the iAPI for new channels if you want to maintain current functionality. You can also enable it for existing channels if you want to move existing channels to the new functionality.
Java injection vulnerability check
Valid from Pega Version 8.3
Pega Platform™ now notifies you of Java injection vulnerabilities in activities, functions, and stream rules at design time and at run time. You can customize Pega Platform to check for additional vulnerabilities to ensure that your application runs without problems.
For more information, see Configuring the Java injection check.
Usability improvements to Admin Studio
Valid from Pega Version 8.3
Admin Studio offers a variety of usability enhancements, including:
- New access groups to differentiate between full and read-only access to Admin Studio
- A Java class lookup utility
- A requestor list for the logged-on operator
- The ability to display system node type in the logs
Also, if your environment uses Predictive Diagnostic Cloud (PDC), the Admin Studio overview page now includes a link to PDC.
For more information, see Managing requestors.
Support for multiple work queues in the Email Manager portal
Valid from Pega Version 8.3
Pega Email Bot™ now provides multiple work queues in the Email Manager portal. With this functionality, operators, such as customer service representatives, can now triage cases more efficiently by selecting different work queues. Operators have access to work queues only for the current Pega Platform™ application.
For more information, see Email Manager portal.
Automatic model training when mapping entities to case properties in Email Bot
Valid from Pega Version 8.3
You can now initiate automatic feedback to entity models in Pega Email Bot™, during manual mapping of email content to a case property.
To enable automatic feedback, you set the Work-Channel-Triage.pyIsRuntimeFeedback rule to true in Pega Platform™. By default this feature is disabled. Enabling this feature ensures that the email bot is more responsive by automatically copying detected entities, such as names, locations, dates, and ZIP codes, to case type properties of a case type.
For more information, see Email triage, Email channel NLP model and Enabling the NLP model training for the email channel.
Improved rich user interface controls in IVA for Web Chatbot
Valid from Pega Version 8.3
In Pega Intelligent Virtual Assistant™ (IVA) for Web Chatbot, you can use additional rich user interface controls, such as the time and date picker or a simple form, to help users accomplish tasks more quickly and to limit errors. IVA for Web Chat can now also display a welcome message in the chat window, for example, to inform the user about the person with whom they are chatting.
For more information, see Streamline conversations in IVA for Web Chatbot with rich user interface controls.
Upgrade impact
The new Ul controls for Web Chatbot are enabled by default upon upgrade. If you do not want the controls enabled, you must disable them.
Also, if you have changed the styles for the welcome message, you may need to make changes to the welcome message to incorporate the new areas in the bot conversation area (such as quick replies).
What steps are required to update the application to be compatible with this change?
Existing channels will behave as they did previously, so you should determine whether you want to use the new UI controls. If you want to use the new Ul controls, configure the new design-time options.
If you have changed the default styles for the welcome message, review the new settings to ensure that the welcome message is configured properly.
Token credentials authentication service
Valid from Pega Version 8.3
You can create a new type of authentication service for token credentials authentication, which is useful for offline mobile applications. With token credentials authentication, users need to enter their credentials only once in a session. Subsequent access to the server is authenticated with a token. The token can be generated by the Pega Platform™ authorization layer (OAuth 2.0) or issued by an external identity provider.
For more information, see Configuring a token credentials authentication service.