Published Release Notes

Integrated Application Security Checklist helps you deploy a secure application

Pega^® Platform now provides an Application Security Checklist that you can refer to when you prepare your application for deployment. By completing the recommended tasks in this checklist, you can track your progress, access instructional information for tasks, and verify that your configurations are secure.

For more information, see Preparing your application for secure deployment, Compliance Score tab, Designer Studio — Home page.

Ability to map JSON to clipboard properties by using a data transform

You can now map the entire JSON file or individual properties to and from the clipboard by using a data transform. Using a data transform makes it faster and easier to connect your Pega^® Platform to your system of record.

For more information, see Data transforms.

Data validation before importing

Data imported into a data type is now validated before it is imported. Validating data before importing it ensures that the data is valid and reduces the amount of time required to manually analyze and validate your data.

For more information about importing data into a data type, see Importing data for a data type.

Enable different REST service rules for distinct resource URIs

You can now specify different service REST rules for distinct resource URIs. This functionality provides different processing options, request handling, and response handling for each distinct resource URI. Additionally, it eliminates the need to develop and maintain complex logic to handle all possible resource URI paths.

For more information, see Distinct URI specification for service REST rules.

Encrypt sensitive case data by using a secure default Pega Platform cipher and AWS KMS keys

You can encrypt sensitive data within your application without having to write custom cipher classes. You can configure encryption on the Data Encryption landing page by using your own keys managed in your private Amazon Web Services Key Management Service (AWS KMS) instance. Pega^® Platform encryption uses keys that are stored in AWS KMS to support both time-based and on-demand key rotation. Technical issues can arise in some cases, for example, if a key is deleted from AWS KMS.

For more information, see Potential problems with keystores when using AWS KMS, Configuring a Platform cipher, Types of ciphers.

REST services support password credentials and JWT Bearer grant types

Pega^® Platform REST services now support password credentials and the JWT (JSON Web Token) Bearer grant type when you enable OAuth 2.0-based authentication. By using password credentials, you can quickly migrate clients from direct authentication schemes, provide additional flexibility when other grants are not available, and integrate your application with REST services in other applications. You can add compatibility with modern JWT-based cloud security IDPs by using the JWT Bearer grant type.

For more information, see About OAuth 2.0 Provider data instances, OAuth 2.0 Client Registration data instances - Completing the Client Information tab, Creating an Identity Mapping data instance.

Precision of Oracle Timestamp property when using RDB-Save

DateTime properties that are mapped to an Oracle Timestamp column will experience a loss of precision when they are saved using the RDB-Save method. When you use RDB-Save for an Oracle Timestamp, precision will be accurate to the second. For example, a value of 20171119T124745.006 will be saved as 20171119T124745. When you use Obj-Save, precision will be accurate to the millisecond. For more information, see DateTime property mapping in Oracle for Pega 7.

Internal rules in search results and explorers

Using old: is no longer supported in search. You can include internal rules in search results and make them available in the Application and Records explorers. Include internal rules in search results either by adding the PegaDevelopmentruleset to your application or by clicking the Enable diagnostic features option in your operator preferences.

SAML single sign-on is easier to configure

Implementing SAML single sign-on (SSO) login authentication in your application is now less complex. You can now configure most requirements that used custom activities or Java code in previous releases from the Authentication services form.

For more information, see Creating an authentication service.

Manage and debug your access control policies on the Policy-based Access landing page

You can now view, manage, and debug access control policies that are used in your application on the Policy-based Access landing page. You can also verify whether relevant access control policies grant or deny access to a specific case for a specific operator. By using this new landing page you can manage and debug policies by yourself without contacting Global Customer Support.

For more information, see Reviewing access control policies, Verifying access control policies​