Improving basic access control
Valid from Pega Version 8.5
Pega Platform™ has implemented a new basic access control (BAC) to protect your application from unauthorized server calls from otherwise authenticated users.
For more information, see Access Control Checks.
Upgrade impact
After you upgrade to Pega 8.5, all the functionality in the model configurations that use auto-generated controls and actions continues to work as before. However, you must secure any customized JavaScript in your application layer that makes AJAX (server) calls by using registration or encryption mechanisms.
What steps are required to update the application to be compatible with this change?
After upgrade, to migrate custom JavaScript functionality, see Access Control Checks.
Authentication service for basic credentials
Valid from Pega Version 8.2
A new type of authentication service is available for authenticating operators by using basic credentials (user ID and password). The default Pega Platform™ login is now an instance of this type of authentication service. All basic credentials authentication services include mobile authentication with the OAuth 2.0 protocol and Proof Key for Code Exchange (PKCE). You no longer have to create a custom authentication service to support mobile applications.
For more information, see Configuring a basic authentication service.
Signature Capture control
Valid from Pega Version 7.1.6
The Signature Capture control allows you to capture a user's signature when using either a desktop application or a mobile app accessed from the Pega 7 mobile application. Once a user has input a signature, it is added to the work item as an image attachment.
Access the Signature Capture control from the Advanced dropdown in Designer Studio.
See How to use the Signature Capture control.
Address Map control
Valid from Pega Version 7.1.6
The Address Map control creates an instance of Google Maps in an application at runtime that can be used in both desktop applications and mobile apps that use the Pega 7 mobile application.
This control allows users to interact with multiple points on a map and see location details, and can display directions and distance between a current position and a specified address.
Access the Address Map control from the Advanced dropdown in Designer Studio.
See How to use the Address Map control.
Manage test ID access with an access group role
Valid from Pega Version 8.2
Test IDs for user interface components are available only to users who have the PegaRULES:TestID role added to their access group. This requirement allows administrators to limit access to test IDs to users who create or run tests. At run time, applications do not include the test ID data for users without the PegaRULES:TestID role, which reduces the amount of code that is downloaded to the client.
For more information see Managing Test ID access with an access group role
Date range configuration added to DateTime control
Valid from Pega Version 8.2
The DateTime (calendar) control now includes an option to specify a custom date range. The users will be able to quickly select valid start and end days of a period by choosing dates in an interactive calendar in an overlay.
For more information, see Configuring the basic settings for a DateTime control - date range
New JWT access token format: Authorized Access Token
Valid from Pega Version 8.5
Pega Platform™ is changing from using opaque tokens to using JSON Web (JWT) tokens and the JWT access token format: Authorized Access Token (AAT). An AAT enables a client application to validate the server for user permissions and authorizes a specific application to access specific parts of a user’s data.
The major benefits to using the JWT format are:
- The JWT is a self-contained token that has authentication information, expire time information, and other user-defined claims digitally signed.
- A single token can be used with multiple applications.
- The tokens are short-lived and can minimize damage if transport security is compromised, as the token signature is verified.
- As the token is verified with the signature, there is no need to verify against a database, thus reducing latency (usually important for Web APIs).
For more information, see Understanding authorized access tokens.
Control group configuration for predictions
Valid from Pega Version 8.5
You can now configure a control group for your predictions in Prediction Studio. Based on the control group, Prediction Studio calculates a lift score for each prediction that you can later use to monitor the success rate of your predictions.
For more information, see Customizing predictions.
Improved access to Cosmos UI settings
Valid from Pega Version 8.5
The Settings tab in the App Studio case designer now includes tools for configuring Cosmos UI. With this enhancement, you can adjust design system settings without the need to specialize individual When rules in Dev Studio, which simplifies UI creation and saves development time.
For more information, see Managing Cosmos UI settings in case designer.
Ability to restrict access to the Import wizard
Valid from Pega Version 8.5
You can now restrict access to the Import wizard so that users implement an automated pipeline to deploy changes between environments such as staging and production. Deployment Manager is one method by which to create pipelines. By using pipelines to propagate changes, users can apply a standardized and automated deployment process for migrating their applications.
For more information, see:
- Ensuring that users migrate applications with a pipeline by restricting the Import wizard
- Understanding model-driven DevOps with Deployment Manager