Published Release Notes

Apply logic to data import fields

When importing data from an external system, you can translate data fields into values that can be read by Pega^® Platform. From the Import wizard, you can do the following actions:

• Apply a decision tree or decision table to the data that is imported for a field.
• Use imported data for a field to look up a value in another record. For example, you can look up the key of a record that uses an external identifier to populate a foreign key field.
• Create templates that contain business logic, which eliminates the need to handle data transformations manually during preprocessing.

For more information, see Transforming data during import.

Integrated Application Security Checklist helps you deploy a secure application

Pega^® Platform now provides an Application Security Checklist that you can refer to when you prepare your application for deployment. By completing the recommended tasks in this checklist, you can track your progress, access instructional information for tasks, and verify that your configurations are secure.

For more information, see Preparing your application for secure deployment, Compliance Score tab, Designer Studio — Home page.

Ability to map JSON to clipboard properties by using a data transform

You can now map the entire JSON file or individual properties to and from the clipboard by using a data transform. Using a data transform makes it faster and easier to connect your Pega^® Platform to your system of record.

For more information, see Data transforms.

Data validation before importing

Data imported into a data type is now validated before it is imported. Validating data before importing it ensures that the data is valid and reduces the amount of time required to manually analyze and validate your data.

For more information about importing data into a data type, see Importing data for a data type.

Enable different REST service rules for distinct resource URIs

You can now specify different service REST rules for distinct resource URIs. This functionality provides different processing options, request handling, and response handling for each distinct resource URI. Additionally, it eliminates the need to develop and maintain complex logic to handle all possible resource URI paths.

For more information, see Distinct URI specification for service REST rules.

Encrypt sensitive case data by using a secure default Pega Platform cipher and AWS KMS keys

You can encrypt sensitive data within your application without having to write custom cipher classes. You can configure encryption on the Data Encryption landing page by using your own keys managed in your private Amazon Web Services Key Management Service (AWS KMS) instance. Pega^® Platform encryption uses keys that are stored in AWS KMS to support both time-based and on-demand key rotation. Technical issues can arise in some cases, for example, if a key is deleted from AWS KMS.

For more information, see Potential problems with keystores when using AWS KMS, Configuring a Platform cipher, Types of ciphers.

REST services support password credentials and JWT Bearer grant types

Pega^® Platform REST services now support password credentials and the JWT (JSON Web Token) Bearer grant type when you enable OAuth 2.0-based authentication. By using password credentials, you can quickly migrate clients from direct authentication schemes, provide additional flexibility when other grants are not available, and integrate your application with REST services in other applications. You can add compatibility with modern JWT-based cloud security IDPs by using the JWT Bearer grant type.

For more information, see About OAuth 2.0 Provider data instances, OAuth 2.0 Client Registration data instances - Completing the Client Information tab, Creating an Identity Mapping data instance.

Support for OAuth 2.0 authorization code grant type

Pega Platform™ now supports the OAuth 2.0 authorization code grant type, which allows Pega Platform to act as an OAuth 2.0 access token provider for native applications on mobile and other devices. By using the authorization code grant type for mobile clients, you no longer need to implement a variety of standards for various authentication providers. The authorization code grant type also supports the Proof Key for Code Exchange standard (PKCE) for securing public clients.

For more information, see Creating and configuring an OAuth 2.0 client registration.

Use client-based access control to support EU GDPR requirements

You can use client-based access control (CBAC) to satisfy the data privacy requirements of the European Union General Data Protection Regulation (GDPR) and similar regulations. By using client-based access control, you can identify the personal data of clients and automatically process requests to view, update, or remove the data in a secure manner. You can also enforce restrictions on the use of this data in application functions.

For more information, see Client-based access control.

Use fast processing option does not work

The Use fast processing option on Connect REST and Service REST rule forms does not work unless you obtain the HFix-43000 hotfix from Global Customer Service.

Use the following data model guidelines when using fast processing:

• The JSON property names and the clipboard property names must match.
• The JSON tree structure and the clipboard tree structure must be similar.
• The scalar arrays in JSON must be mapped to the clipboard as page lists.
• Multi-dimensional arrays must be mapped into page lists of page lists with the same embedded property names.

​In addition, page groups, value groups, and Java objects are not supported by fast processing.