Java injection vulnerability check
Valid from Pega Version 8.3
Pega Platform™ now notifies you of Java injection vulnerabilities in activities, functions, and stream rules at design time and at run time. You can customize Pega Platform to check for additional vulnerabilities to ensure that your application runs without problems.
For more information, see Configuring the Java injection check.
Usability improvements to Admin Studio
Valid from Pega Version 8.3
Admin Studio offers a variety of usability enhancements, including:
- New access groups to differentiate between full and read-only access to Admin Studio
- A Java class lookup utility
- A requestor list for the logged-on operator
- The ability to display system node type in the logs
Also, if your environment uses Predictive Diagnostic Cloud (PDC), the Admin Studio overview page now includes a link to PDC.
For more information, see Managing requestors.
Access Manager portal
Valid from Pega Version 7.1.5
Changes to the Access Manager simplify the process of modifying the access rights of features for an application. The changes, including creation of an Access Manager portal, make it easier for non-technical users, such as business architects, to set access rights even if they may not have a deep understanding of Pega 7's security model and class inheritance structure.
Token credentials authentication service
Valid from Pega Version 8.3
You can create a new type of authentication service for token credentials authentication, which is useful for offline mobile applications. With token credentials authentication, users need to enter their credentials only once in a session. Subsequent access to the server is authenticated with a token. The token can be generated by the Pega Platform™ authorization layer (OAuth 2.0) or issued by an external identity provider.
For more information, see Configuring a token credentials authentication service.
Platform truststore for validating certificates
Valid from Pega Version 8.3
Pega Platform™ now includes a platform truststore, to which you can import X.509 certificates that are common across platform applications. When a certificate needs to be validated, Pega Platform looks for the certificate at the connector level, then in the platform truststore, and finally in the application server (JVM) truststore. You can add, update, and delete certificates in the platform truststore without having to restart the server, which is useful when TLS certificates are changed for reasons such as key rotation.
For more information, see Importing an X.509 certificate.
Support for additional key management services
Valid from Pega Version 8.3
By supporting additional key management services, Pega Platform™ offers you increased flexibility when defining keys that are used for encryption of application and internal system data. You can now create keystores that reference keys from key management services such as Microsoft Azure Key Vault, HashiCorp Vault, and Google Cloud KMS, in addition to Amazon KMS. You can also create a keystore that references other key management services through the use of a data page.
For more information, see Configuring a Microsoft Azure Key Vault keystore, Configuring a HashiCorp Vault keystore, and Configuring a Google Cloud KMS keystore.