INC-157095 · Issue 638808
Enhancement added for tenant-level authentication
Resolved in Pega Version 8.7
In a multi-tenant PDC with a few tenants that utilize their own custom SSO, a pre-authentication activity inside a tenant that should block community access was also affecting tenants that did not have that pre-auth activity set. This was a missed use case and has been resolved by adding a tenantId hash in SchemePRAuth.makeUniqueSchemeName() to create the authServiceName.
SR-D95148 · Issue 557483
Port validation updated for redirect URI
Resolved in Pega Version 8.2.7
When an offline app for windows client was generated, trying to login via SSO resulted in the error "invalid redirect_uri". This was traced to the system validating the whole loopback redirection URL, e.g. "http://127.0.0.1:1234/redirection", including the port number. To enhance flexibility, an update has been made so that the port number will not be validated, allowing the client to establish it based on availability at the moment of the request to the authorization service. NOTE: As a best practice, a loopback URL should not be configured as a redirect URI. If a loopback URL is configured, then at run time the port number will not be validated, and the client application can use any available port on the system including ports that may not be intended for use.
INC-177737 · Issue 663141
Authentication requirement updated for CallConnector
Resolved in Pega Version 8.7
After update, invoking a REST API call during SSO login which eventually called pxCallConnector (Final Activity) in @baseclass Pega-RulesEngine failed at the CallConnector step. This was caused by a change in recent Pega versions which enabled authentication for this activity, and has been resolved by marking the activity as internal and disabling the authentication requirement.
SR-D25972 · Issue 501482
Handling added for custom error message in post-authentication activity
Resolved in Pega Version 8.2.4
The error message in post authentication activity was always appearing as 'Login terminated because a post-authentication activity or policy failed' irrespective of the actual message being conditionally set in the activity based on post authentication logic. Investigation showed that the parameter page in the SSO post-authentication activity was not being passed to the 'pzShowAuthPolicyError' activity due to the post-authentication activity executing in authenticated context whereas the HTML fragment executed in the un-authenticated context. In order to support this use, post-authentication activity will set the error message on a predefined property and propagate that to the HTML fragment by appending the error message as a query parameter in the redirect exception URL post-authentication failure.
SR-D83931 · Issue 545872
Header style inheritance corrected
Resolved in Pega Version 8.2.7
When a header style for a container was explicitly set, any layout underneath inherited that style when using container formats set to 'Use Skin Base Settings'. This has been resolved by increasing specificity for the header title.
INC-187553 · Issue 675429
Service Email handling updated for MSGraph "From" address
Resolved in Pega Version 8.7
While creating cases via email listener, the "From" address was not shown when using MSGraph. This was an issue with extracting the display name when MSGraph is used, and has been resolved by adding double quotes to display the name unconditionally.
INC-188080 · Issue 673783
Service Email handling updated for MSGraph "From" address
Resolved in Pega Version 8.7
While creating cases via email listener, the "From" address was not shown when using MSGraph. This was an issue with extracting the display name when MSGraph is used, and has been resolved by adding double quotes to display the name unconditionally.
INC-188143 · Issue 674972
Service Email handling updated for MSGraph "From" address
Resolved in Pega Version 8.7
While creating cases via email listener, the "From" address was not shown when using MSGraph. This was an issue with extracting the display name when MSGraph is used, and has been resolved by adding double quotes to display the name unconditionally.
INC-189477 · Issue 674034
Service Email handling updated for MSGraph "From" address
Resolved in Pega Version 8.7
While creating cases via email listener, the "From" address was not shown when using MSGraph. This was an issue with extracting the display name when MSGraph is used, and has been resolved by adding double quotes to display the name unconditionally.
INC-200029 · Issue 690167
Service Email handling updated for MSGraph "From" address
Resolved in Pega Version 8.7
While creating cases via email listener, the "From" address was not shown when using MSGraph. This was an issue with extracting the display name when MSGraph is used, and has been resolved by adding double quotes to display the name unconditionally.