INC-188127 · Issue 678350
Updated cache key generation for ROPC
Resolved in Pega Version 8.8
After configuring outbound email functionality using MSGraph with OAuth 2.0, sending the emails failed consistently following passivation. Running "Test connectivity" in the Email Account data instance then seemed to restart the functionality and the automation "Create And Send Email" subsequently worked. This was traced to a missing username in the cache key generation for the Resource Owner Password Credentials (ROPC), which caused the same token to be fetched when attempting to dynamically generate different usernames, and has been resolved.
INC-219086 · Issue 724268
Keypair handling updated
Resolved in Pega Version 8.8
Rest API calls were failing with invalid token error in production due to the keypairs used to encrypt the access token being different for each node. This happened when the keypair cache was maintained at node level instead of being retrieved from a database each time; when a keypair expired, a new keypair was created for each node instead of sharing one because the updates to keypair were not properly communicated among the nodes. To resolve this, a check has been added to see if a new keypair is already available in the database before creating a new keypair, handling has been added for any DuplicateKeyException that might occur while saving a keypair to the database, and a pxCreateDateTime has been added while storing the new keypair in the database. Please also note that the default key rotation period is now 180 days and can be adjusted through the setting AccessToken/KeyRotationInterval.
INC-226400 · Issue 731712
Adhoc case creation repaired
Resolved in Pega Version 8.8
Adhoc case creation was not working. The adhoc case creation flow action uses a page called "newWorkPage" for case creation: this parameter page which is used by the pySaveAdHocCase activity in the pyCreateAdhocCase flow action has a naming conflict with page name in activity pzShowConflicts, resulting in the system removing both the pages in step 11 of pzShowConflicts activity. To resolve this, the page created and used in pzShowConflicts has been renamed from newWorkPage to showConflictsWorkPage.
INC-212265 · Issue 714014
at+jwt header type support added
Resolved in Pega Version 8.8
After upgrading from Pega 7 to Pega 8, using JWT validation in the REST service package with type "at+jwt" resulted in the JSON web token being rejected during signature verification with the error "header "typ" (type) "at+jwt" not allowed". Pega uses the third-party Nimbus jar to generate and verify JWT tokens, and this issue was traced to a difference in the versions of that jar: Pega 7.3 uses the nimbus-jose-jwt 5.1 version jar, while Pega 8.6+ uses the 8.20 jar version. Nimbus rejects at+jwt header types by default from the 8.0 jar version. To resolve this and improve backwards compatibility, at+jwt header type support has been added.
INC-188469 · Issue 714843
Updated retainLock for DoClose activity
Resolved in Pega Version 8.8
After sending an external email notification from a case, attempting to use the "close" button resulted in an access denied error. This was traced to a missed use case for recent security improvements which resulted in not setting the required parameter retainLock for the DoClose activity, and has been resolved.
INC-203595 · Issue 702360
Updated retainLock for DoClose activity
Resolved in Pega Version 8.8
After sending an external email notification from a case, attempting to use the "close" button resulted in an access denied error. This was traced to a missed use case for recent security improvements which resulted in not setting the required parameter retainLock for the DoClose activity, and has been resolved.
INC-227736 · Issue 744475
Added polling lock to handle CDK Key rotation issues
Resolved in Pega Version 8.8
An error was generated when attempting to open existing encrypted contacts created in the Sales Automation application. This was traced to multiple nodes generating CDKs simultaneously, leading to a race condition, and has been resolved by refactoring the CDK generation code so it will acquire a lock when polling the database to avoid a race condition.
INC-192673 · Issue 689552
Tab highlighting updated
Resolved in Pega Version 8.8
Not all elements were indicated with yellow highlighting when tabbing through the screen. This has been resolved.
INC-219054 · Issue 718871
Data key rotation update
Resolved in Pega Version 8.8
After creating a new Azure vault keystore, attempting to force data key rotation produced the error "Unable to save keystore metadata". This has been resolved with an update to use the same master key ID as the old keystore in cases where the master key ID is the same.
INC-224726 · Issue 730543
Resolved drag and drop duplicate entries
Resolved in Pega Version 8.8
Including files with Drag and Drop control was resulting in duplicate file entries. This was traced to run visibility on client being enabled by default on layout in the section pzAttachContentScreen, and has been resolved by modifying the default to be that run visibility on client is disabled on layout in this section when pyDescription is null.