Published Release Notes

Platform truststore for validating certificates

Pega Platform™ now includes a platform truststore, to which you can import X.509 certificates that are common across platform applications. When a certificate needs to be validated, Pega Platform looks for the certificate at the connector level, then in the platform truststore, and finally in the application server (JVM) truststore. You can add, update, and delete certificates in the platform truststore without having to restart the server, which is useful when TLS certificates are changed for reasons such as key rotation.

For more information, see Importing an X.509 certificate.

Support for Pega Infinity Mobile Client in offline-enabled applications

To take advantage of Pega Platform™ offline features, you can now build offline-enabled applications using Pega Infinity Mobile Client™. An offline-enabled application is built with Pega Infinity Mobile Client by default, and is fast to create and load. 

For more information, see Build offline-enabled applications using Pega Infinity Mobile Client, Offline-enabled application and Pega Infinity Mobile Client, and Pega Mobility and mobile clients.

Ability to support advanced device features with Pega Infinity Mobile Client

Pega Infinity Mobile Client™ now provides a development kit that you can use to make mobile apps support advanced device features that are typically available to native applications, for example, an embedded laser scanner or a projector module, and integrate functions of external software solutions, for example, a cloud-based file storage.

For more information about enhancing mobile apps with device feature support, see the documentation for the development module in the latest Pega Infinity Mobile Client distribution package on Digital Delivery.

Java injection vulnerability check

Pega Platform™ now notifies you of Java injection vulnerabilities in activities, functions, and stream rules at design time and at run time.  You can customize Pega Platform to check for additional vulnerabilities to ensure that your application runs without problems.

For more information, see Configuring the Java injection check.

New ClientStore JavaScript API for offline-enabled applications

For offline-enabled applications built using Pega Infinity Mobile Client™, you can now take advantage of a new window.pms.plugins.clientstore JavaScript API. The improved API is based on promises and events instead of callbacks and listeners, and replaces the previously available window.launchbox.PRPC.ClientStore JavaScript API which is now deprecated.

Remote device log retrieval from online-only mobile apps

In addition to device logs from offline-enabled mobile apps, Pega Mobile Client™ can now upload device logs from online-only mobile apps. The upload to Pega Platform™ starts when a user restarts the mobile app. You retrieve device logs from a specific device to support remote users and troubleshoot mobile apps.

For more information, see Retrieving device logs.

Mobile apps display skeletons for the initial screen load

Android and iOS mobile apps now display a skeleton before the initial screen loads, which enhances user experience and provides faster response to user actions on complex mobile screens or over slow networks. Until the initial screen is ready to be displayed, Pega Platform™ displays an empty placeholder that imitates the actual user interface.

Skeletons for the initial screen in mobile apps do not require any additional configuration.

Mobile search with sources from any data page

When you configure search for mobile apps, you create custom categories that limit the scope of the search and group the search results. In the previous versions of Pega Platform™, you had to add specific properties to the data page that you wanted to use as a source for a search category. Now, mobile search categories support any data page without modifications to help you effectively configure mobile search.

For more information, see Configuring categories for mobile search.

Token credentials authentication service

You can create a new type of authentication service for token credentials authentication, which is useful for offline mobile applications. With token credentials authentication, users need to enter their credentials only once in a session. Subsequent access to the server is authenticated with a token. The token can be generated by the Pega Platform™ authorization layer (OAuth 2.0) or issued by an external identity provider.

For more information, see Configuring a token credentials authentication service.

Faster starting offline-enabled mobile apps

Pega Platform™ and Pega Infinity Mobile Client™ now support access group data prepackaging when you build the executable files for an offline-enabled mobile app. This shortens the time needed to start a mobile app for the first time, because only the data that differs between the package and the current server state is synchronized. The data that is prepackaged comes from the access group cache, and you can decide what access group cache data should be excluded or additionally included in the package.

For more information, see Enabling access group data prepackaging during build.