Published Release Notes

Java injection vulnerability check

Pega Platform™ now notifies you of Java injection vulnerabilities in activities, functions, and stream rules at design time and at run time.  You can customize Pega Platform to check for additional vulnerabilities to ensure that your application runs without problems.

For more information, see Configuring the Java injection check.

Usability improvements to Admin Studio

Admin Studio offers a variety of usability enhancements, including:

• New access groups to differentiate between full and read-only access to Admin Studio
• A Java class lookup utility
• A requestor list for the logged-on operator
• The ability to display system node type in the logs

Also, if your environment uses Predictive Diagnostic Cloud (PDC), the Admin Studio overview page now includes a link to PDC.

For more information, see Managing requestors.

Business logic-based routing to process cases more efficiently

Process cases more efficiently by defining business logic-based routing options to route tasks to customer service representatives (CSRs) who have a specified availability or skillset. For example, you can ensure that a task is routed to a CSR with a high level of a German language if it is your business need. You can also create custom lists of operators and work queues to filter CSRs who can receive an assignment.

For more information, see Choosing an assignee at run time in Dev Studio, Choosing an assignee at run time in App Studio, Configuring business logic-based routing APIs.

Task board enhancements for improved tracking of tasks

App Studio and end-user portals, such as Case Manager, now provide an enhanced task board which helps you improve collaboration on task resolution. For example, you can create a checklist within a task, and then update the checklist to inform other users about the progress of the task. Attach content to a task to ensure that all users have the information that they need, and to make tasks more meaningful. Now you can also categorize tasks, and then filter them by category, to quickly access relevant information.

For more information, see Monitoring and tracking tasks in Dev Studio, Monitoring and tracking tasks in App Studio.

Enhanced Wait shape

Pega Platform™ now supports the enhanced Wait shape that configures the case to wait for the resolution of all child cases instead of only the child cases of a specific type. When you set up the Wait shape to stop a case until it reaches a certain status, you can decide whether the shape considers statuses from a whole case life cycle, or only the statuses after the wait begins. The enhanced Wait shape provides you with greater control over resolution of your cases. 

For more information, see Pausing and resuming processes in cases in Dev Studio, Pausing and resuming processes in cases in App Studio.

Support for the JSON Web Token Bearer grant type for accessing external APIs

You can now access external APIs by using the new OAuth 2.0 JSON Web Token (JWT) Bearer grant type, in an OAuth 2.0 authentication profile. To use the JWT Bearer grant type as a client assertion, source the JWT from an active SSO session, a token profile, or a property reference. You can use JWTs that you obtain during an OpenID Connect SSO in connectors, to achieve user impersonation flows, such as the On-Behalf-Of (OBO) flow. The OAuth 2.0 type authentication profile now also supports authentication of client applications by using Private Key JWTs.

Instances of the OAuth 2.0 provider are now deprecated. As a best practice, use the new, unified authentication profile configuration instead.

For more information, see Configuring an OAuth 2.0 authentication profile.

Upgrade impact

After an upgrade to Pega Platform 8.4 and later, Authentication Profiles can take advantage of the new JWT based OAuth 2.0 grant type and client authentication features. To take advantage of this and other new security features, you must update any existing Authentication Profiles formats must to use those in Pega Platform 8.4 and later.

What steps are required to update the application to be compatible with this change?

Since these features are available only for profiles created in Pega Platform 8.4 and later, clients must open and then save existing 'Authentication Profile' instances to ensure that the configuration is compatible with the latest authentication formats.

Sign and encrypt signatures and content with additional algorithms

You can now authenticate using JSON Web Token (JWT) token profiles to symmetrically and asymmetrically encrypt both signatures and content. All algorithms in the Nimbus JWT library are supported, including nested tokens. Custom key identifier headers (kid) are also supported. Use token profiles to securely propagate identities and transfer data between systems.

For more information, see Creating a processing JSON Web token profile.

For more information, see Creating a generation JSON Web token profile.

Case tags for improved case search

Pega Platform™ now supports enhanced tagging for case types so that you can search cases by tags. As a result, tagging is more consistent because you can define a set of suggested tags that users can add to their posts and cases. When users search for cases, they can apply several filters, for example, recently added or most frequently used tags.

For more information about tags, see Tagging cases in Dev Studio, Tagging cases in App Studio.

Default filter settings for Pulse feed sources

Set default filters for Pulse messages, so that users see only relevant posts. Users can temporarily change these settings at run time to view messages from different feed sources, and restore the default settings by refreshing the page.

For more information, see Adding a feed source for the activity feed.    

Token credentials authentication service

You can create a new type of authentication service for token credentials authentication, which is useful for offline mobile applications. With token credentials authentication, users need to enter their credentials only once in a session. Subsequent access to the server is authenticated with a token. The token can be generated by the Pega Platform™ authorization layer (OAuth 2.0) or issued by an external identity provider.

For more information, see Configuring a token credentials authentication service.