External keystore support in Pega Platform
Valid from Pega Version 7.3
Pega® Platform now provides the ability to source certificates and encryption keys from external keystores. You use the Keystore rule to specify alternatives to the platform's database to source certificates and keys. You can choose to use a data page, a URL, or an external file in one of the following standard formats: JKS, JWK, PKCS12, KEYTAB, or KEY. Keystore information is stored in cache memory only. It is not stored on the clipboard nor is it directly accessible to the application logic.
For more information, see Creating a Keystore data instance.
Unified Messaging Desktop integration with Pega Platform
Valid from Pega Version 8.4
You can now use the Pega Unified Messaging Desktop™ customer service solution with a Pega Platform™ application so that customer service representatives (CSRs) and other users, such as managers, can respond to user requests more quickly and in a more consistent manner. With integrated Pega Unified Messaging Desktop, CSRs can escalate user requests from Pega Intelligent Virtual Assistants™ (IVAs) by using case processing and artificial intelligence alongside Pega Customer Service™
For more information, see Develop a single IVA channel to chat across different messaging platforms.
Terminate sessions for operators from outside the Pega 7 Platform
Valid from Pega Version 7.2.2
The newly added Users REST API allows an authorized administrator to terminate sessions for one or more operator IDs from outside the Pega® 7 Platform. A typical use case for this API is to terminate a user’s session when the user's security credentials, which are stored externally, are known to have changed.
Access the Pega API by clicking .
Support for OAuth 2.0 authorization in Pega Platform REST services
Valid from Pega Version 7.3
Pega® Platform REST services now support OAuth 2.0 authorization that uses federated authentication with SAML 2.0-compliant identity providers (IDPs). The OAuth 2.0-based authorization can be configured to use the SAML2-bearer grant type with a SAML token profile. This configuration is used when a resource requestor is authenticated by using a SAML2.0-compliant IDP.
For more information, see Security rules and data.
Platform truststore for validating certificates
Valid from Pega Version 8.3
Pega Platform™ now includes a platform truststore, to which you can import X.509 certificates that are common across platform applications. When a certificate needs to be validated, Pega Platform looks for the certificate at the connector level, then in the platform truststore, and finally in the application server (JVM) truststore. You can add, update, and delete certificates in the platform truststore without having to restart the server, which is useful when TLS certificates are changed for reasons such as key rotation.
For more information, see Importing an X.509 certificate.
Encrypt sensitive case data by using a secure default Pega Platform cipher and AWS KMS keys
Valid from Pega Version 7.3.1
You can encrypt sensitive data within your application without having to write custom cipher classes. You can configure encryption on the Data Encryption landing page by using your own keys managed in your private Amazon Web Services Key Management Service (AWS KMS) instance. Pega® Platform encryption uses keys that are stored in AWS KMS to support both time-based and on-demand key rotation. Technical issues can arise in some cases, for example, if a key is deleted from AWS KMS.
For more information, see Potential problems with keystores when using AWS KMS, Configuring a Platform cipher, Types of ciphers.
Integrated Application Security Checklist helps you deploy a secure application
Valid from Pega Version 7.3.1
Pega® Platform now provides an Application Security Checklist that you can refer to when you prepare your application for deployment. By completing the recommended tasks in this checklist, you can track your progress, access instructional information for tasks, and verify that your configurations are secure.
For more information, see Preparing your application for secure deployment, Compliance Score tab, Designer Studio — Home page.
Pega Agile Studio integration
Valid from Pega Version 7.3
You can configure the new Agile Workbench tool to integrate with Pega® Agile Studio so that bugs and user stories are synchronized between the two systems. In addition, you can improve traceability in your development environment by using the Current work feature to associate a user story or bug with development changes.
For more information, see Integrating Agile Workbench with Pega Agile Studio and Tracing development changes to work items.
Use Kerberos credentials in a Pega application to authenticate and access external systems
Valid from Pega Version 7.2.2
Authentication services now support Kerberos as an authentication type. When you connect from the Pega 7 Platform to external systems and services that require Kerberos authentication, the Pega 7 Platform stores the user Kerberos credentials and makes them available in Pega 7 Platform connectors.
For more information, see Using Kerberos credentials in a Pega application to authenticate and access external systems.
Triage cases archiving in the email bot (Pega Cloud Services)
Valid from Pega Version 8.5
For Pega Platform™ that is installed in Pega Cloud® Services, you can configure Pega Email Bot™ to archive resolved triage cases that are older than a specified number of days. Archiving triage cases improves the overall performance of your system by reducing the primary storage consumption and cost because the system places such resolved triage cases in a secondary storage.
For more information, see Archiving resolved emails for an email bot (Pega Cloud Services).