Tracing Cassandra queries in a Decision Data Store data set
Valid from Pega Version 7.3
You can now enable the Trace option for every operation in the Decision Data Store data set to collect information about how the Decision Data Store queries are executed in Cassandra. You can view this information in the clipboard and use it to troubleshoot and optimize performance of the Decision Data Store data sets and Decision Data Store nodes. All the queries and related events are collected on the DDSTraces page on the same Pega thread.
For more information, see Tracing Decision Data Store operations.
New service for generating OAuth 2.0 client credentials
Valid from Pega Version 7.3
Pega® Platform now includes the oauthclients service package that provides a REST service for generating OAuth 2.0 client credentials. By using the client registration service, you can dynamically register OAuth 2.0 clients. The new service is secured by an existing OAuth service. Access tokens that are issued by the existing OAuth service are accepted as initial access tokens by the new service.
For more information, see OAuth 2.0 Client Registration data instances.
Enhanced security of Robotic Desktop Automation requests
Valid from Pega Version 7.3
Security enhancements have been introduced in the communication (data synchronization or pulling data) between your application that uses robotic desktop automation functionality and Pega® Platform. These applications (web, desktop, and legacy) communicate with Pega Platform through connectors. No additional configuration is necessary.
For more information, see Robotic automation.
Enhanced functionality of the Decision Manager portal
Valid from Pega Version 7.3
The Decision Manager portal now provides more revision management options. The Decision Analytics work area for development of predictive, adaptive, and text analytics models is now part of the Decision Manager portal. PegaUnit testing of rules is more convenient from a new Automated Testing landing page. Revision managers can reassign change requests back to strategy designers or other users of the Decision Manager portal without losing changes that were already made.
For more information, see Enhancements to the Decision Manager portal.
External keystore support in Pega Platform
Valid from Pega Version 7.3
Pega® Platform now provides the ability to source certificates and encryption keys from external keystores. You use the Keystore rule to specify alternatives to the platform's database to source certificates and keys. You can choose to use a data page, a URL, or an external file in one of the following standard formats: JKS, JWK, PKCS12, KEYTAB, or KEY. Keystore information is stored in cache memory only. It is not stored on the clipboard nor is it directly accessible to the application logic.
For more information, see Creating a Keystore data instance.
Two-factor authentication with one-time passwords
Valid from Pega Version 7.3
Pega® Platform now supports two-factor authentication in custom authentication services and case flow processing, by sending a one-time password to an operator through email and requiring the operator to provide it back to your application for verification. Use REST API OTP Generation to generate and store one-time passwords, and REST API OTP Verification to verify passwords against user entries. You can also use the pxSendOTP and pxVerifyOTP activities called by these APIs to implement two-factor authentication of users in case flows prior to performing a critical operation (e.g. before completing a critical transaction such as a funds transfer in excess of a certain amount). Settings on the Security Policies landing page control the behavior of the two-factor authentication process.
For more information, see Enabling security policies.
Support for OAuth 2.0 authorization in Pega Platform REST services
Valid from Pega Version 7.3
Pega® Platform REST services now support OAuth 2.0 authorization that uses federated authentication with SAML 2.0-compliant identity providers (IDPs). The OAuth 2.0-based authorization can be configured to use the SAML2-bearer grant type with a SAML token profile. This configuration is used when a resource requestor is authenticated by using a SAML2.0-compliant IDP.
For more information, see Security rules and data.
Privilege inheritance support through access roles
Valid from Pega Version 7.3
Privilege inheritance simplifies the process of defining privileges that are relevant in multiple classes. When determining whether a user should be granted a named privilege that allows a type of access to a class, Pega® Platform searches for Access of Role to Object (Rule-Access-Role-Obj) rules that are relevant to the target class and to the access roles listed in the user's access group, and considers the privileges granted or denied in those rules. When privilege inheritance is enabled within an access role, the search for relevant Access of Role to Object rules begins with the target class and, if necessary, continues up the class hierarchy until a relevant rule is found.
For more information, see Privilege inheritance for access roles.
Use Kafka data sets in Pega Decision Strategy Manager
Valid from Pega Version 7.3
You can create Kafka data set rules to connect to an external Apache Kafka server cluster and use this data set in decision management for processing real-time streaming data. Integrating Kafka data sets into complex event processing (CEP) as part of Event Strategy rules provides a fault-tolerant and scalable solution for processing real-time data feeds.
For more information, see Kafka data sets in decision management.
Use definition classes to create Decision Data rules that contain text analytics records
Valid from Pega Version 7.3
Use the dedicated definition classes to create Decision Data rules that contain all the types of records that are used in text analytics, such as taxonomies, lexicon, entity extraction rules, and so on. By using these definition classes, you can quickly create, update, and manage the text analytics records in your application.
For more information, see Definition class of text analytics Decision Data rules.