Terminate sessions for operators from outside the Pega 7 Platform
Valid from Pega Version 7.2.2
The newly added Users REST API allows an authorized administrator to terminate sessions for one or more operator IDs from outside the Pega® 7 Platform. A typical use case for this API is to terminate a user’s session when the user's security credentials, which are stored externally, are known to have changed.
Access the Pega API by clicking
Use Kerberos credentials in a Pega application to authenticate and access external systems
Valid from Pega Version 7.2.2
Authentication services now support Kerberos as an authentication type. When you connect from the Pega 7 Platform to external systems and services that require Kerberos authentication, the Pega 7 Platform stores the user's Kerberos credentials and makes them available in Pega 7 Platform connectors.
For more information, see Using Kerberos credentials in a Pega application to authenticate and access external systems.
New PegaRULES:PegaAPISysAdmin role
Valid from Pega Version 7.2.2
The role PegaRULES:PegaAPISysAdmin has been added to the Pega 7 Platform. System administrators must have this role to access the Pega API REST User Services; it is not required for other services.
For more information, see Securing the Pega API.
New hashing algorithm for Password property types
Valid from Pega Version 7.2.2
To provide extra protection against brute-force attacks, a new hashing algorithm has been added to the Pega 7 Platform. Bcrypt is now the default hashing algorithm for Password property types. Because the bcrypt key setup algorithm takes a long time to process, potential attackers would have to spend a substantial amount of time testing every possible key.
For more information, see Using the bcrypt hashing algorithm for Password property types.
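The cost of that key setup is set by a cost factor carried in every standard bcrypt hash string. The following is an added example, not Pega code: it reads the cost factor to audit stored hashes and to scale a brute-force time estimate. It assumes the standard `$2b$<cost>$<salt><digest>` string form (the page does not say how the Pega 7 Platform stores hashes); the function names and the timing figure are hypothetical.

```python
import re

# Standard bcrypt string: $2<variant>$<2-digit cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(r"\$2([abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})")

def parse_bcrypt(stored):
    """Return (variant, cost, key_setup_rounds); raise ValueError if malformed."""
    m = BCRYPT_RE.fullmatch(stored)
    if m is None:
        raise ValueError("not a bcrypt hash string")
    cost = int(m.group(2))
    if not 4 <= cost <= 31:
        raise ValueError("cost outside bcrypt's 4..31 range")
    # The expensive key setup repeats its key-expansion loop 2**cost times.
    return "2" + m.group(1), cost, 1 << cost

def audit(hashes, min_cost):
    """Map each hash string to 'ok', 'weak' (cost below min_cost) or 'invalid'."""
    report = {}
    for h in hashes:
        try:
            _, cost, _ = parse_bcrypt(h)
        except ValueError:
            report[h] = "invalid"
            continue
        report[h] = "ok" if cost >= min_cost else "weak"
    return report

def exhaustive_search_seconds(candidates, cost, seconds_at_ref, ref_cost):
    """Time to hash `candidates` guesses, scaling a measured per-hash time
    at ref_cost by the 2**(cost - ref_cost) growth in key-setup work."""
    return candidates * seconds_at_ref * 2.0 ** (cost - ref_cost)

# Constructed sample values (placeholder salt/digest characters, not real hashes).
SAMPLES = [
    "$2b$12$" + "A" * 22 + "B" * 31,
    "$2a$06$" + "C" * 22 + "D" * 31,
    "0123456789abcdef0123456789abcdef",  # plain hex digest, not bcrypt
]

if __name__ == "__main__":
    for h, verdict in audit(SAMPLES, min_cost=10).items():
        print(verdict, h[:7])
    # Hypothetical measurement: 1 ms per hash at cost 10, one million guesses at cost 12.
    print(exhaustive_search_seconds(10**6, 12, 0.001, 10), "seconds")
```

Each increment of the cost factor doubles the key-setup work, so the same audit can be rerun with a higher `min_cost` as hardware gets faster.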