Published Release Notes

New service for generating OAuth 2.0 client credentials

Pega^® Platform now includes the oauthclients service package that provides a REST service for generating OAuth 2.0 client credentials. By using the client registration service, you can dynamically register OAuth 2.0 clients. The new service is secured by an existing OAuth service. Access tokens that are issued by the existing OAuth service are accepted as initial access tokens by the new service.

For more information, see OAuth 2.0 Client Registration data instances.

Operator presence record tracks disconnected status of operators

The state attribute in the operator presence record now tracks the operator connection status of DISCONNECTED, in addition to tracking the operator connection status of ACTIVE, AWAY, or OFFLINE. Operators are disconnected if their browser crashes, if they close a browser session without logging out of the system, or if the network connection is down. The DISCONNECTED status helps prevent work from being routed to operators who are not online or not available.

When the operator restores the browser session or the network connection is restored, the Pega^® Platform updates the operator connection status to ACTIVE.

For more information, see Tracking the online presence of operators.

Customizations to the prlogging.xml file must be manually ported after upgrade

As a result of the upgrade from the Apache Log4j 1 logging service to the Apache Log4j 2 logging service, the name of the logging configuration file has changed from prlogging.xml to prlog4j2.xml and the format of the file has changed considerably. If you customized your prlogging.xml file, port the customizations to the new prlog4j2.xml file. If you do not port the changes, the Pega^® Platform uses the default prlog4j2.xml file and disregards your customized prlogging.xml file.

For more information about customizing your log files, see the Apache Log4j 2 documentation.

Add custom controls to section palettes

You can add custom controls to the Basic or Advanced palettes in sections. With this enhancement, Pega^® Platform developers have easy access to custom controls. The Show in authoring menus check box is available in the HTML tab of the custom control rule. You can add a custom icon to display in the menu with the custom control.

For more information see Adding custom controls to the section palette in Designer Studio.

Privilege inheritance support through access roles

Privilege inheritance simplifies the process of defining privileges that are relevant in multiple classes. When determining whether a user should be granted a named privilege that allows a type of access to a class, Pega^® Platform searches for Access of Role to Object (Rule-Access-Role-Obj) rules that are relevant to the target class and to the access roles listed in the user's access group, and considers the privileges granted or denied in those rules. When privilege inheritance is enabled within an access role, the search for relevant Access of Role to Object rules begins with the target class and, if necessary, continues up the class hierarchy until a relevant rule is found.

For more information, see Privilege inheritance for access roles.

Package caching is not supported in offline-enabled applications built with the UI Kit 7 (09-01-01) portal

When you create an offline-enabled application in Pega^® Platform, by default, it uses a portal with the UI Kit 7 (09-01-01) ruleset. In such a case, the package caching functionality cannot be used. You must either disable caching on the Advanced tab of the Access Group rule form, in the Offline Configuration section, or use an adaptive design instead of rendering different elements for different devices with the UI Kit 7 (09-01-01) ruleset.

For more information, see Access Group form - Completing the Advanced tab.

Validate rule support in offline-enabled applications

To enhance the user experience of your offline-enabled application, you can now use validate rules that are referenced by a flow action. You can also explicitly add other types of validate rules as offline-supported. The offline validation API provides two methods that you can use in your custom code to run from a Run script action or a custom JavaScript function. Several JavaScript utility functions, the equivalent of built-in Java functions for Pega^® Platform, are now also available.

For more information, see Validate rule support in offline mode and Function rule support in offline mode.

Security fields in JFrog Artifactory repository do not work

The fields in the Security section of the JFrog Artifactory repository rule form, including the Secure protocol field, the Truststore field, and the Keystore field, were not implemented. In the Pega™ Platform 7.3 Designer Studio help, disregard the optional Security section in step 4 of the Configuring a JFrog Artifactory or Amazon S3 repository connection help topic, and disregard the optional Security section in step 5 of the Creating a repository configuration help topic in the 7.3.1 Designer Studio help.

Improve cluster security by limiting concurrent operator sessions

You can increase the security of a Pega^® Platform cluster by limiting the number of concurrent sessions allowed for each operator. Because operators typically do not require multiple concurrent sessions for performing their work, limiting the number of sessions reduces the chance that an unknown or untrusted person could access systems in the cluster. Use the new setting Number of concurrent sessions allowed for each operator on the Production tab of the System Data Instance form to configure the number of concurrent sessions for operators. You must restart your system when you change this setting. You can also create a list of operators by using the presence/maxsessions/operators/whitelist Dynamic System Setting, to which the maximum number of concurrent sessions setting will not apply.

For more information, see System form - Completing the Production tab.

Data encryption across search nodes

You can now encrypt communication among search nodes. Encryption secures the data that is transferred across nodes so that it cannot be accessed by unauthorized hosts. Encryption is enabled by default for new installations and upgrades from Pega^® 7.1.6 or earlier to Pega 7.3. Encryption is not enabled by default for upgrades from Pega 7.1.7 or later to Pega 7.3. You can enable and disable search encryption from the Search landing page or by using the indexing/distributed/enable_inter_node_encryption Dynamic System Setting.

For more information, see Enabling and disabling encryption for communication among search nodes.