Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please update your bookmarks. This site will be discontinued in Dec 2024.

Pega Platform Resolved Issues for 8.1 and newer are now available on the Support Center.

SR-B82500 · Issue 331560

Enhancement to support external delegated authentication via custom authentication

Resolved in Pega Version 7.4

OAuth 2.0 configuration has been embedded into the HC mobile app to provide an infrastructure for REST services to be authenticated by an external token which has been issued by third party identity provider. When Pega receives a token, it then contacts the identity provider's token introspection and userinfo endpoint to validate the token and subsequently establish an identity. The new authentication activity has been shipped with the name 'pyPerformDelegatedAuthentication' that can be attached to any Authentication service data instance.

SR-B82500 · Issue 332132

Enhancement to support external delegated authentication via custom authentication

Resolved in Pega Version 7.4

OAuth 2.0 configuration has been embedded into the HC mobile app to provide an infrastructure for REST services to be authenticated by an external token which has been issued by third party identity provider. When Pega receives a token, it then contacts the identity provider's token introspection and userinfo endpoint to validate the token and subsequently establish an identity. The new authentication activity has been shipped with the name 'pyPerformDelegatedAuthentication' that can be attached to any Authentication service data instance.

SR-B83952 · Issue 338450

Handling added for URL encoding problem

Resolved in Pega Version 7.4

A button configured with 'onClick > Open URL in window' had the "?" replaced by "?=%26" in the URL. This was traced to a safeURL bug which encodes '&' in the URL when there is no key=value pair in the request params. To compensate for this, a design time configuration has been added to skip encoding if the system encounters custom URLs with no key=value pairs.

SR-B84966 · Issue 338317

Handling added for URL encoding problem

Resolved in Pega Version 7.4

A button configured with 'onClick > Open URL in window' had the "?" replaced by "?=%26" in the URL. This was traced to a safeURL bug which encodes '&' in the URL when there is no key=value pair in the request params. To compensate for this, a design time configuration has been added to skip encoding if the system encounters custom URLs with no key=value pairs.

SR-B85132 · Issue 334749

SAML enhancements added with OperatorContext availability fix

Resolved in Pega Version 7.4

The activity pyEstablishOperatorContext availability was incorrectly marked as final. This has been fixed and is "Available, Extension". In addition, many other enhancements have been added towards the goal of no-code configuration of SAML SSO authentication. SAML SSO is the most widely used authentication in production, but has historically required complex custom code. Please see the release notes for more information about Single Page UI Configuration and Adaptive Design for Authentication Run-time.

SR-B86311 · Issue 336269

Enhanced security by masking requestor-ID

Resolved in Pega Version 7.4

In order to improve session security against potential hijacking of a session, the Pega-RULES cookie will be masked in various locations, such as log files, SMA, tracer, exceptions, etc. by exposing only the first character (as it depicts the type of requestor) and the last four characters.

SR-B86311 · Issue 338968

Enhanced security by masking requestor-ID

Resolved in Pega Version 7.4

In order to improve session security against potential hijacking of a session, the Pega-RULES cookie will be masked in various locations, such as log files, SMA, tracer, exceptions, etc. by exposing only the first character (as it depicts the type of requestor) and the last four characters.

SR-B86311 · Issue 340639

Enhanced security by masking requestor-ID

Resolved in Pega Version 7.4

In order to improve session security against potential hijacking of a session, the Pega-RULES cookie will be masked in various locations, such as log files, SMA, tracer, exceptions, etc. by exposing only the first character (as it depicts the type of requestor) and the last four characters.

SR-B86311 · Issue 341403

Enhanced security by masking requestor-ID

Resolved in Pega Version 7.4

In order to improve session security against potential hijacking of a session, the Pega-RULES cookie will be masked in various locations, such as log files, SMA, tracer, exceptions, etc. by exposing only the first character (as it depicts the type of requestor) and the last four characters.

SR-B88923 · Issue 337768

Utility added to check for operators using default passwords

Resolved in Pega Version 7.4

To enhance security and ease of administration, a utility has been added that can disable default operators that ship with Pega Platform and Strategic Apps if the password hasn't been changed. This utility can be called as a service by PegaCloud. Please see the release notes for more information.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us