Published Release Notes

Operator provisioning is supported by SAML and OpenID Connect authentication services

When you use SAML and OpenID authentication services, operators can be automatically provisioned without the need to write custom activities. Users can now be authenticated and provisioned from authentication providers that adhere to the OpenID Connect specification, such as Auth0, NetIQ, and Google.

For more information, see Configuring operator provisioning for a SAML SSO authentication service and Configuring operator provisioning for an OpenID Connect authentication service.

Support for OpenID Connect authentication

Pega^® Platform now supports authentication services that use OpenID Connect, an emerging standard for government and enterprise cloud environments. This standard facilitates interoperability among identity management solutions and authentication through authentication providers that adhere to the OpenID Connect specification, including Auth0, NetIQ, and social media sites such as Google.

For more information, see Configuring an OpenID Connect authentication service.

New access control policy for encrypting properties

With attribute-based attribute control, you can now encrypt property values in the database, clipboard, logs, and search indexes for any property type. If no policy obfuscates an encrypted property, its value is visible in UI controls and reports.

For more information, see Creating an access control policy.

Data pages can source information from a robotic process automation

When you use robotic process automation (RPA), you can now configure data pages to source information from robotic automations so that you can connect your Pega® Platform application to legacy applications in your enterprise. By using automations to retrieve data and save it to a data page, you can use data virtualization to encapsulate your Pega Platform data model from the physical interface of a legacy system against which the automation is running.

For more information, see Obtaining information from robotic automations.

CRM core data types included in Pega Platform

Customer Relationship Management (CRM) core data types are now included with Pega^® Platform, making it easier to bring your data into your Pega application. You can either import your data into the data tables for the CRM data types or use integration to communicate with your own system of record. The database tables for these data types are non-Pega formatted, which gives you better performance and more control over your data.

For information about the database tables, see CRM data types in Pega Platform.

New privilege required to access the Search landing page

After upgrading to Pega^® Platform 7.4, users who do not have the pxAccessSearchLP privilege cannot access the Search landing page. The pxAccessSearchLP privilege is automatically assigned to the SysAdm4 role. If you have other roles that require access to the Search landing page, you must add the pxAccessSearchLP privilege to those roles.

For more information about assigning privileges to roles, see User privilege authorization. (Link to: basics/v6portal/landingpages/accessmanager/customizeprivilegestab.htm)

Support for OAuth 2.0 authorization code grant type

Pega Platform™ now supports the OAuth 2.0 authorization code grant type, which allows Pega Platform to act as an OAuth 2.0 access token provider for native applications on mobile and other devices. By using the authorization code grant type for mobile clients, you no longer need to implement a variety of standards for various authentication providers. The authorization code grant type also supports the Proof Key for Code Exchange standard (PKCE) for securing public clients.

For more information, see Creating and configuring an OAuth 2.0 client registration.

Use client-based access control to support EU GDPR requirements

You can use client-based access control (CBAC) to satisfy the data privacy requirements of the European Union General Data Protection Regulation (GDPR) and similar regulations. By using client-based access control, you can identify the personal data of clients and automatically process requests to view, update, or remove the data in a secure manner. You can also enforce restrictions on the use of this data in application functions.

For more information, see Client-based access control.

Use fast processing option does not work

The Use fast processing option on Connect REST and Service REST rule forms does not work unless you obtain the HFix-43000 hotfix from Global Customer Service.

Use the following data model guidelines when using fast processing:

• The JSON property names and the clipboard property names must match.
• The JSON tree structure and the clipboard tree structure must be similar.
• The scalar arrays in JSON must be mapped to the clipboard as page lists.
• Multi-dimensional arrays must be mapped into page lists of page lists with the same embedded property names.

​In addition, page groups, value groups, and Java objects are not supported by fast processing.

Applications not working as expected when using fast processing for Connect REST and Service REST integration

In Pega^® Platform 7.3.1, the Use fast processing option on Connect REST and Service REST rule forms did not work. The functionality has been fixed for Pega 7.4; however, some data model guidelines must be followed. If you use this option in Pega 7.3.1, and you did not follow the guidelines, your application might not work as expected after upgrading. Use the following data model guidelines when using fast processing:

• The JSON property names and the clipboard property names must match.
• The JSON tree structure and the clipboard tree structure must be similar.
• The scalar arrays in JSON must be mapped to the clipboard as page lists.
• Multi-dimensional arrays must be mapped into page lists of page lists with the same embedded property names.

In addition, page groups, value groups, and Java objects are not supported by fast processing.