Published Release Notes

Automatic separation of date input

Date fields in Date Time controls now automatically divide strings of input into days, months, and years. In single fields, the system adds slashes (/) as the user types the value. For example, an input string of 10102020 becomes 10/10/2020. In separate day/month/year fields, the system automatically switches from one field to the next as the user types the value. This enhancement improves the user experience by helping to users provide input in a more convenient and time-efficient manner.

For more information, see Configuring a Date Time control.

Improvements to OAuth 2.0 Services with Token Introspection Service and Token Denylist Service

Increase the security of user sessions by using the newly supported Token Introspection and Denylist services for OAuth 2.0.

Token Introspection service

Use the Token Introspection service to validate JSON Web Tokens (JWT). The Token Introspection service requires authentication. 

Pega now uses OAuth 2.0 access tokens called Authorized Access Tokens (AAT). 

Token Introspection service endpoint

The Token Introspection service endpoint provides the information about the status of access token and refresh token. Token introspection can be used to validate if a given token is still active or inactive. The token introspection endpoint determines whether the token is valid. The status indicates whether an access token or refresh token is valid or invalid: 

• Valid tokens have the “active”:true status
• Invalid tokens have the “active” :false status.

The inactive status can also be due to revocation. 

Token Denylist service

You can add tokens to the deny list in cases where suspicious activity might have occurred. The Token Denylist service provides a method for denying user access to the application by revoking the user's access token. This service can prevent a token from being used more than the specified number of times, which can be helpful in preventing replay attacks. Stolen tokens should be revoked using this service. A GET API is also available to get the list of denied tokens.

Keys endpoint

Pega Platform™ is changing from using opaque tokens to JSON Web (JWT) tokens. If this JWT is used by any other system, the public key is needed for signature verification. A new endpoint is exposed to provide these public keys in JWK format: https://host:port/prweb/api/oauth2/v1/token/keys.

For more information, see OAuth 2.0 Management Services.

Portals can refresh a single page in a dynamic container

You can use a single-document dynamic container in a portal that allows you to refresh a single page in the container without reloading the entire portal, which improves performance and security. From the Properties panel, you can configure an existing dynamic container for this purpose by setting the mode to Single Document and selecting Render as a single page.

For more information, see Dynamic container settings.

New service for generating OAuth 2.0 client credentials

Pega^® Platform now includes the oauthclients service package that provides a REST service for generating OAuth 2.0 client credentials. By using the client registration service, you can dynamically register OAuth 2.0 clients. The new service is secured by an existing OAuth service. Access tokens that are issued by the existing OAuth service are accepted as initial access tokens by the new service.

For more information, see OAuth 2.0 Client Registration data instances.

Search and Reporting does not index large items

When using the Search and Reporting (SRS) microservice in Pega Platform™ 8.5, you might encounter problems with indexing large out-of-the-box rules. The issue is not visible in Queue Processors, but you can access logs to verify which items the system does not index.

Ability to persist request data for synchronous REST Service failures

Request data can now be persisted when synchronous REST Service processing fails. To ensure that data is not lost and can be reprocessed, set the Execution Mode on the rule form to Execute synchronously (queue on error).

For more information see Service REST form - Completing the Service tab.

Layout groups support icons and titles in headers

You can now include icons or cells to enhance the design of layout group headers. On the properties panel, select Include icon with title under Container settings to add icons and titles in the layout headers. Also, the layout group control can now refresh the content of a dynamic layout if the layout is active.

For more information, see Adding a Layout Group.

Improved identification and handling of code assembly errors

Code assembly error logs are now more meaningful and help you identify root causes with better accuracy. Pega Platform™ now also invalidates erroneous assembly to facilitate successful reassembly when the code is accessed again. For example, if a section is not correctly assembled when a user first signs in to the system, the application attempts to reassemble that section the next time a user signs in. In this way, you can avoid lingering issues and improve stability.

Enhanced tables in Cosmos React UI

The Pega Platform™ Cosmos React UI environment now includes improved tables. The updated tables use a revamped graphic design and support a number of new run-time behaviors, including column freezing and advanced filtering. The added features improve the user experience by giving case workers more control over data in tables, while the revised architecture enhances efficiency and reliability.

Response timeout configuration for predictions

You can now set a response timeout for your predictions in Prediction Studio. By setting a response timeout, you control how Prediction Studio registers customer responses that later serve as feedback data for your predictions.

For more information, see Customizing predictions.