SAML single sign-on is easier to configure
Valid from Pega Version 7.4
Implementing SAML single sign-on (SSO) login authentication in your application is now less complex. You can now configure most requirements that used custom activities or Java code in previous releases from the Authentication services form.
For more information, see Creating an authentication service.
Support for controlling binary file upload in Pega Mobile Client
Valid from Pega Version 7.4
The Client Store API of Pega® Mobile Client has been modified so that you can suspend and resume the process of uploading binary files to the server. You can also check the state of the file uploading process. As a result, custom mobile app users can process their work items without having to wait for the synchronization process to finish.
For more information, see Pega Mobile Client API methods for controlling binary data upload and Client Store API.
Support for large binary data item storage in Pega Mobile Client and offline case attachments in Pega Platform
Valid from Pega Version 7.4
Pega® Mobile Client can now store and synchronize large binary data items and their corresponding actions from the action queue on Android and iOS devices. As a result, custom mobile app users can view, attach, and delete data files, whether the device is online or offline. For this function to work, you must enable offline case attachment support, which allows your custom mobile apps to synchronize case attachments between the Pega Platform and the mobile device.
For more information, see Enabling offline case attachments support and Client Store API.
Configure role dependencies to grant access rights
Valid from Pega Version 7.4
You can configure role dependencies in a role to grant access rights, which are inherited from the role. Role dependencies are relationships between roles that mirror an organization hierarchy or a more complex relationship among groups of operators, roles, or functional areas. Use role dependencies to simplify role configuration, minimize the number of roles needed by an access group, and minimize the number of privileges that you have to manually define for roles in your application.
For more information, see Access Role rules, Access Role form – Using the Role tab.
Improved operator security
Valid from Pega Version 7.4
To improve security, Pega® Platform now requires the following:
- During deployment, you must configure a password for [email protected].
- The administrator must enable new out-of-the-box operators.
- The administrator and new Pega-supplied operators must change their passwords after the first login.
These requirements replace the optional secured mode in earlier versions of Pega Platform.
Multifactor authentication now supports SMS
Valid from Pega Version 7.4
Multifactor authentication now supports short message service (SMS) as well as email. Amazon Simple Notification Service (SNS) is supported as a provider.
For more information, see Security policies settings.
Operator provisioning is supported by SAML and OpenID Connect authentication services
Valid from Pega Version 7.4
When you use SAML and OpenID authentication services, operators can be automatically provisioned without the need to write custom activities. Users can now be authenticated and provisioned from authentication providers that adhere to the OpenID Connect specification, such as Auth0, NetIQ, and Google.
For more information, see Configuring operator provisioning for a SAML SSO authentication service and Configuring operator provisioning for an OpenID Connect authentication service.
Support for OpenID Connect authentication
Valid from Pega Version 7.4
Pega® Platform now supports authentication services that use OpenID Connect, an emerging standard for government and enterprise cloud environments. This standard facilitates interoperability among identity management solutions and authentication through authentication providers that adhere to the OpenID Connect specification, including Auth0, NetIQ, and social media sites such as Google.
For more information, see Configuring an OpenID Connect authentication service.
New access control policy for encrypting properties
Valid from Pega Version 7.4
With attribute-based attribute control, you can now encrypt property values in the database, clipboard, logs, and search indexes for any property type. If no policy obfuscates an encrypted property, its value is visible in UI controls and reports.
For more information, see Creating an access control policy.
Improvements in the process engine for offline-enabled applications
Valid from Pega Version 7.4
The offline process engine includes several improvements. To provide more options when you develop an offline-enabled application, a decision shape as the first shape in a flow and parameters for the CreateNewWork action are now supported. Offline-enabled applications now also display information about the last data synchronization.
For more information, see Flow processing in offline mode.