Published Release Notes

Create email correspondence by using templates

You can configure email correspondence rules by using email templates. Email templates provide custom email formats for users and give developers a greater degree of customization in designing email correspondence. Select an email template on the Corr tab of a correspondence rule by clicking Edit mode and selecting Templated email from the menu. You can also create a section as an email template by clicking Email template on the Settings tab of the section form. For more information see Creating email correspondence by using a template.

OAuth 2 token support in Pega Mobile Client

The Client Store module in Pega Mobile Client has been extended to support OAuth 2 tokens. The tokens are used to authorize data synchronization requests that are sent to the Pega^® Platform. Once the OAuth 2 token support is turned on and configured on the server, Pega Mobile Client starts using it automatically. This functionality is available on both iOS and Android devices.

For more information, see Enabling data synchronization with OAuth 2 tokens.

New Java API improves JSON serialization

By using a Java API, you can serialize a Page or Property clipboard object to a JSON string for faster JSON serialization. You can also create a map between API responses and an application's internal data model that improves integration performance and maintainability.

For more information, see Using the mapping API for high-performance JSON serialization and Using the mapping API for high-performance JSON deserialization.

External keystore support in Pega Platform

Pega^® Platform now provides the ability to source certificates and encryption keys from external keystores. You use the Keystore rule to specify alternatives to the platform's database to source certificates and keys. You can choose to use a data page, a URL, or an external file in one of the following standard formats: JKS, JWK, PKCS12, KEYTAB, or KEY. Keystore information is stored in cache memory only. It is not stored on the clipboard nor is it directly accessible to the application logic.

For more information, see Creating a Keystore data instance.

Two-factor authentication with one-time passwords

Pega® Platform now supports two-factor authentication in custom authentication services and case flow processing, by sending a one-time password to an operator through email and requiring the operator to provide it back to your application for verification. Use REST API OTP Generation to generate and store one-time passwords, and REST API OTP Verification to verify passwords against user entries. You can also use the pxSendOTP and pxVerifyOTP activities called by these APIs to implement two-factor authentication of users in case flows prior to performing a critical operation (e.g. before completing a critical transaction such as a funds transfer in excess of a certain amount). Settings on the Security Policies landing page control the behavior of the two-factor authentication process.

For more information, see Enabling security policies.

Support for OAuth 2.0 authorization in Pega Platform REST services

Pega^® Platform REST services now support OAuth 2.0 authorization that uses federated authentication with SAML 2.0-compliant identity providers (IDPs). The OAuth 2.0-based authorization can be configured to use the SAML2-bearer grant type with a SAML token profile. This configuration is used when a resource requestor is authenticated by using a SAML2.0-compliant IDP.

For more information, see Security rules and data.

Privilege inheritance support through access roles

Privilege inheritance simplifies the process of defining privileges that are relevant in multiple classes. When determining whether a user should be granted a named privilege that allows a type of access to a class, Pega^® Platform searches for Access of Role to Object (Rule-Access-Role-Obj) rules that are relevant to the target class and to the access roles listed in the user's access group, and considers the privileges granted or denied in those rules. When privilege inheritance is enabled within an access role, the search for relevant Access of Role to Object rules begins with the target class and, if necessary, continues up the class hierarchy until a relevant rule is found.

For more information, see Privilege inheritance for access roles.

Use Kafka data sets in Pega Decision Strategy Manager

You can create Kafka data set rules to connect to an external Apache Kafka server cluster and use this data set in decision management for processing real-time streaming data. Integrating Kafka data sets into complex event processing (CEP) as part of Event Strategy rules provides a fault-tolerant and scalable solution for processing real-time data feeds.

For more information, see Kafka data sets in decision management.

Send event notifications in Pega Platform

You can configure applications to notify users of case changes or other significant events that occur in an application. Use notifications to engage application users by providing key updates that might be of interest to them.

You can deliver notifications over the default web gadget and email channels or use a custom channel that you created. You can configure multiple web gadgets to display different kinds of notifications. The email channel supports notification frequency of instant, daily, or weekly.

Application users can set their own notification preferences in the run-time portals or override the set preferences for a specific case type instance.

For more information, see Sending event notifications and Management of user notification preferences.

Reused forms support fields that can be modified

Now, you can choose whether the fields in an embedded form are read only or can be modified at run-time. You can set the reused form to Auto, which maintains the display mode (read only, required, optional) set for each field. Reusing a form reduces development time and maintains a consistent layout for a set of fields.

For more information, see Reusing a form.