Published Release Notes

PATCH support for REST integrations

REST connectors and REST services now include support for integrating with REST APIs that require using the PATCH method. REST integrations that support the PATCH method allow you to make partial updates to individual resources while retaining data that does not require an update. With PATCH support, you no longer need to write complex custom code to integrate with services that require using the PATCH method.

For more information about REST integrations, see Connect REST form - Completing the Methods tab.

Configure REST connectors for standard-compliant endpoints

REST connectors now support all standards-compliant endpoint URLs, regardless of how those URLs use query parameters.

This URL support allows you to do the following actions:

• Include repeated query string parameters in a URL.
• Omit a query string parameter if the value of the parameter is empty when you send a request.
• Apply appropriate encoding for different URL components.

For more information about REST connectors, see Connect REST form.

Elasticsearch reports support string comparison operators

To improve performance, reports that use string comparison operators in filters can now run queries against Elasticsearch instead of querying the database. The following operators are now supported for Elasticsearch queries.

• Starts with, Ends with, Does not start with, and Does not end with
• Contains and Does not contain
• Greater than, Less than, Greater than or equal, and Less than or equal

In cases where a query cannot be run against Elasticsearch, the query is run against the database, for example, if the query includes a join. To determine if a query was run against Elasticsearch, use the Tracer and enable the Query resolution event type. For more information, see Tracer event types to trace.

All search data is encrypted

All search data in Pega Cloud deployments is now encrypted, both at rest and in transit. The encryption of search data makes search compliant with regulatory requirements.

For more information about search, see Full-text search.

Authentication service for basic credentials

A new type of authentication service is available for authenticating operators by using basic credentials (user ID and password). The default Pega Platform™ login is now an instance of this type of authentication service. All basic credentials authentication services include mobile authentication with the OAuth 2.0 protocol and Proof Key for Code Exchange (PKCE). You no longer have to create a custom authentication service to support mobile applications.

For more information, see Configuring a basic authentication service.

Unauthenticated sessions transition seamlessly to authenticated

A new authentication service type allows a guest user to use an application without logging in, and to be prompted to authenticate later in the session. This enhancement supports scenarios such as online shopping portals where a user can browse for items and load a shopping cart as a guest but be prompted for credentials at checkout.

For more information, see Configuring an anonymous authentication service.

Create single sign-on authentication services from App Studio

You can create and enable single sign-on (SSO) authentication services from a new landing page in App Studio. From this new landing page you can also configure new SAML and OpenID Connect authentication services to provision users. For more information, see Creating a SAML SSO authentication service and Creating an OIDC SSO authentication service.

OAuth 2.0 support in Integration Designer

Integration Designer now supports the configuration of OAuth 2.0 authentication with authorization code and client credential grant types. Use OAuth 2.0 authentication when creating a new data type, replacing a data source, or updating a data source.

For more information about REST integrations, see About Connect REST rules, and for more information about OAuth 2.0 Authentication, see OAuth 2.0 providers.

Protect against insecure deserialization

Deserialization is the process of rebuilding a data stream into a Java object. The Open Web Application Security Project (OWASP) has identified insecure deserialization as one of the top 10 security vulnerabilities for web applications. Pega Platform™ protects against this vulnerability by using filters that prevent deserialization of suspect data streams. You can configure these filters from the Deserialization Blacklist landing page.

For more information, see Configuring the deserialization filter.

Improved clipboard performance for editable data pages

Improve clipboard performance for editable data page processing by using the new high-throughput mode option. This mode does not support all clipboard features.

For a list of supported and unsupported features, see Data page rules - Using the Definition tab.