Published Release Notes

Automatic separation of date input

Date fields in Date Time controls now automatically divide strings of input into days, months, and years. In single fields, the system adds slashes (/) as the user types the value. For example, an input string of 10102020 becomes 10/10/2020. In separate day/month/year fields, the system automatically switches from one field to the next as the user types the value. This enhancement improves the user experience by helping to users provide input in a more convenient and time-efficient manner.

For more information, see Configuring a Date Time control.

Improvements to OAuth 2.0 Services with Token Introspection Service and Token Denylist Service

Increase the security of user sessions by using the newly supported Token Introspection and Denylist services for OAuth 2.0.

Token Introspection service

Use the Token Introspection service to validate JSON Web Tokens (JWT). The Token Introspection service requires authentication. 

Pega now uses OAuth 2.0 access tokens called Authorized Access Tokens (AAT). 

Token Introspection service endpoint

The Token Introspection service endpoint provides the information about the status of access token and refresh token. Token introspection can be used to validate if a given token is still active or inactive. The token introspection endpoint determines whether the token is valid. The status indicates whether an access token or refresh token is valid or invalid: 

• Valid tokens have the “active”:true status
• Invalid tokens have the “active” :false status.

The inactive status can also be due to revocation. 

Token Denylist service

You can add tokens to the deny list in cases where suspicious activity might have occurred. The Token Denylist service provides a method for denying user access to the application by revoking the user's access token. This service can prevent a token from being used more than the specified number of times, which can be helpful in preventing replay attacks. Stolen tokens should be revoked using this service. A GET API is also available to get the list of denied tokens.

Keys endpoint

Pega Platform™ is changing from using opaque tokens to JSON Web (JWT) tokens. If this JWT is used by any other system, the public key is needed for signature verification. A new endpoint is exposed to provide these public keys in JWK format: https://host:port/prweb/api/oauth2/v1/token/keys.

For more information, see OAuth 2.0 Management Services.

Portals can refresh a single page in a dynamic container

You can use a single-document dynamic container in a portal that allows you to refresh a single page in the container without reloading the entire portal, which improves performance and security. From the Properties panel, you can configure an existing dynamic container for this purpose by setting the mode to Single Document and selecting Render as a single page.

For more information, see Dynamic container settings.

Support for custom database tables in external Cassandra clusters

Pega Platform™ now supports a connection to external Cassandra clusters through a dedicated Database Table data set, which reduces the need for data ingestion and export. You can use custom tables that you store in your external Cassandra cluster in data flows for accessing and saving data. You can access your custom data model by mapping the model to a Pega Platform class.

For more information, see Connecting to an external Cassandra database through a Database Table data set.

Improvements to guided tour creation

Usability improvements to creating and managing guided tours enable you to more efficiently create tours that introduce the key features of your application. Now, you configure the Manage guided tour action on a control to start, continue, or dismiss a tour, instead of specifying an API script.

For more information, see Managing a guided tour.

New service for generating OAuth 2.0 client credentials

Pega^® Platform now includes the oauthclients service package that provides a REST service for generating OAuth 2.0 client credentials. By using the client registration service, you can dynamically register OAuth 2.0 clients. The new service is secured by an existing OAuth service. Access tokens that are issued by the existing OAuth service are accepted as initial access tokens by the new service.

For more information, see OAuth 2.0 Client Registration data instances.

Usability improvements to Admin Studio

Admin Studio offers a variety of usability enhancements, including:

• New access groups to differentiate between full and read-only access to Admin Studio
• A Java class lookup utility
• A requestor list for the logged-on operator
• The ability to display system node type in the logs

Also, if your environment uses Predictive Diagnostic Cloud (PDC), the Admin Studio overview page now includes a link to PDC.

For more information, see Managing requestors.

Caching of common rules in offline mobile apps

To help start offline-enabled mobile apps more quickly from the time when the server was started, you can now cache common Pega 7 Platform rules, including node scope data pages. Optionally, you can also either cache all node scope data pages, with the exception of the selected ones, or cache only the node scope data pages that are explicitly specified. You set up the offline caching options for your custom mobile app in the Advanced tab of the Access Group rule form.

For more information, see the Offline Configuration section in Access Group form - Completing the Advanced tab.

Create case and Wait smart shapes available in Case Designer

Two smart shapes have been added in Case Designer. Use the Create case smart shape in a case step to create another case, a child case, or multiple child cases. Use the Wait smart shape to pause the process of a case under specified conditions.

For more information, see Adding a preconfigured step to a process.

Deploy in secured mode

Deploying the Pega 7 Platform in secured mode helps prevent unauthorized access to your system. By default, the Pega 7 Platform deploys in secured mode. For more information, see the Deployment Guide for your environment.