INC-151253 · Issue 607625
Hash comparisons adjusted for upgraded sites
Resolved in Pega Version 8.6
Existing Pega Diagnostic Cloud SSO URLs were not working after upgrade. This was traced to the previous tenant hash (or AG hash) having padding characters like ‘(’ which are no longer used in higher versions. This caused the tenant hash comparison during the SAML login flow to fail. To resolve this, the system will not compare an incoming tenant hash (in relay state) with a current platform tenant hash, but instead will rely on the “/!” pattern to identify the tenant hash in the relay state.
INC-214974 · Issue 721179
Documentation updated for accessing D_pyUserInfoClaims
Resolved in Pega Version 8.8
When logging in using Org Credentials, trying to get the user details from D_pyUserInfoClaims did not return any information. This was due to the D_pyUserInfoClaims datapage being available only after authentication, so the claims information was not available during operator provisioning. The documentation located at https://docs.pega.com/security/88/mapping-operator-information-openid-connect-sso-authentication-service has been updated to include the following note: "This page becomes available and can only be accessed post authentication."
INC-130703 · Issue 597254
Operator provisioning on authentication service corrected
Resolved in Pega Version 8.6
When operator provisioning was triggered on user login via authentication service, the error "ModelOperatorName is not valid. Reason: declare page parameters not supported by PropertyReference" was generated. This was traced to optimization work that had been done on the expression evaluation for operator identification, and has been resolved by adding the required GRS Syntax support in the Operator Provisioning section in SAML and OIDC.
INC-211426 · Issue 706059
UI and code changes to support Client Assertion in Open ID Connect
Resolved in Pega Version 8.8
In order to support private_key_jwt, an enhancement has been added which will pass the “Client ID” and “Client assertion” (in the form of a signed JWT) as part of the authorization code grant flow for an IDP-initiated SSO. The Authorization Server will then authenticate Pega (the client) to verify the signature and payload of assertion by retrieving the public key via Pega’s JWKS endpoint.
INC-216053 · Issue 716445
UI and code changes to support Client Assertion in Open ID Connect
Resolved in Pega Version 8.8
In order to support private_key_jwt, an enhancement has been added which will pass the “Client ID” and “Client assertion” (in the form of a signed JWT) as part of the authorization code grant flow for an IDP-initiated SSO. The Authorization Server will then authenticate Pega (the client) to verify the signature and payload of assertion by retrieving the public key via Pega’s JWKS endpoint.
INC-154205 · Issue 618737
Corrected wrap text for Cosmos radio buttons
Resolved in Pega Version 8.6
When using Cosmos, radio buttons with large labels were displayed with the text overlapping even when wrap text was enabled and the radio button placement was incorrect. This was traced to a height of 32px being set as the default, overriding the wrap text setting, and has been resolved by adding CSS to set the height as auto when wrap text on radio label is used.
INC-176138 · Issue 723084
Performance improvements for save-as
Resolved in Pega Version 8.8
Performance issues were seen when using save-as for rules such as Declare expression, When rules, activity, etc. This was traced to a very large number of extra database queries that were being executed while building the Declarative Cache. To resolve this, an update has been made so the queries used for the Declarative Cache will only be executed when required.
INC-198555 · Issue 720899
Performance improvements for save-as
Resolved in Pega Version 8.8
Performance issues were seen when using save-as for rules such as Declare expression, When rules, activity, etc. This was traced to a very large number of extra database queries that were being executed while building the Declarative Cache. To resolve this, an update has been made so the queries used for the Declarative Cache will only be executed when required.
INC-225788 · Issue 728057
Performance improvements for save-as
Resolved in Pega Version 8.8
Performance issues were seen when using save-as for rules such as Declare expression, When rules, activity, etc. This was traced to a very large number of extra database queries that were being executed while building the Declarative Cache. To resolve this, an update has been made so the queries used for the Declarative Cache will only be executed when required.
INC-226764 · Issue 745051
Performance improvements for save-as
Resolved in Pega Version 8.8
Performance issues were seen when using save-as for rules such as Declare expression, When rules, activity, etc. This was traced to a very large number of extra database queries that were being executed while building the Declarative Cache. To resolve this, an update has been made so the queries used for the Declarative Cache will only be executed when required.