Published Release Notes

Organization Setup superseded by New Application Wizard

The Organization Setup Wizard has been retired in PRPC 7.1.3.  This feature was previously launched from the Designer Studio > Org & Security > Organization > Organization Setup menu. Users are encouraged to run the New Application Wizard (also known as Application Express) instead:

This tool quickly generates an application along with all of the artifacts previously offered by the Organization Setup Wizard. This includes, but is not limited to, the class hierarchy, application rule, organization/division/unit rules, and all relevant data instances.

See the following PDN article for more details on the New Application Wizard:

Create new applications quickly and easily with Application Express

Enabling security policies now requires current password

As part of Pega’s initiative to protect against malicious attacks, the change password dialog has been enhanced.  When Security Policies have been enabled for your system, new users or those with expired passwords will now be prompted for both their existing password as well as their desired new password.

For more details, review the Designer Studio > System > Settings > Security Policies landing page.

DCO

In this release, specification support in Case Designer was improved.  Also, improvements and fixes were made to the New Application Wizard.

• Changes were made to support a split schema environment
• Shared and Component RuleSets can be copied.
• Can edit in Word from either Grids or Lists.
• More than 50 case types are now supported for an application.

Updated Word merge support with Microsoft Silverlight plug-in

Starting in this release, Pega 7 features that integrate with the Word merge capability are now cross-browser. ActiveX controls (which are only compatible with Internet Explorer) have been replaced with Microsoft Silverlight. This plug-in must be downloaded separately from Microsoft because it is not shipped with Pega 7.

Common features that are affected by this change include the Specification form and Case Type landing page.

Prior to using these features, see the release note Word merge support with Microsoft Silverlight plug-in for more information about setting up their client systems.

Java injection vulnerability check

Pega Platform™ now notifies you of Java injection vulnerabilities in activities, functions, and stream rules at design time and at run time.  You can customize Pega Platform to check for additional vulnerabilities to ensure that your application runs without problems.

For more information, see Configuring the Java injection check.

Usability improvements to Admin Studio

Admin Studio offers a variety of usability enhancements, including:

• New access groups to differentiate between full and read-only access to Admin Studio
• A Java class lookup utility
• A requestor list for the logged-on operator
• The ability to display system node type in the logs

Also, if your environment uses Predictive Diagnostic Cloud (PDC), the Admin Studio overview page now includes a link to PDC.

For more information, see Managing requestors.

Token credentials authentication service

You can create a new type of authentication service for token credentials authentication, which is useful for offline mobile applications. With token credentials authentication, users need to enter their credentials only once in a session. Subsequent access to the server is authenticated with a token. The token can be generated by the Pega Platform™ authorization layer (OAuth 2.0) or issued by an external identity provider.

For more information, see Configuring a token credentials authentication service.

Platform truststore for validating certificates

Pega Platform™ now includes a platform truststore, to which you can import X.509 certificates that are common across platform applications. When a certificate needs to be validated, Pega Platform looks for the certificate at the connector level, then in the platform truststore, and finally in the application server (JVM) truststore. You can add, update, and delete certificates in the platform truststore without having to restart the server, which is useful when TLS certificates are changed for reasons such as key rotation.

For more information, see Importing an X.509 certificate.

Support for additional key management services

By supporting additional key management services, Pega Platform™ offers you increased flexibility when defining keys that are used for encryption of application and internal system data. You can now create keystores that reference keys from key management services such as Microsoft Azure Key Vault, HashiCorp Vault, and Google Cloud KMS, in addition to Amazon KMS. You can also create a keystore that references other key management services through the use of a data page.

For more information, see Configuring a Microsoft Azure Key Vault keystore, Configuring a HashiCorp Vault keystore, and Configuring a Google Cloud KMS keystore.