INC-196623 · Issue 686131
Chatbot outbound message formatting corrected
Resolved in Pega Version 8.7
Chatbot outbound responses were displaying appended br tags for next line in the messages. This was due to a formatting error in the menu (message type) title, and has been corrected.
INC-197116 · Issue 684955
Handling updated for migrated cases
Resolved in Pega Version 8.7
When performing a contact search in an interaction case that was migrated from an earlier version, clicking the Add Task button generated an exception when executing pzSendFeedbackToNLP(step 9) > pzFindTopicModel. This was traced to an unnecessarily call to pzMigrateInteractionCases each time a migrated case was opened, and has been resolved by updating the system to use JumpToLaterStep in Step1 of pzCheckAndMigrateInteractionCases to avoid calling MigrateCase again.
INC-201334 · Issue 690735
ADMinputsource field population updated to handle transactional decisions
Resolved in Pega Version 8.7
The CaptureResponse flow was failing while writing to AdaptiveAnalytics with the error "IllegalArgumentException - argument does not represent JSON object". This occurred while running an outbound campaign where a few decisions were treated as transactional and did not have Model executions. Attempting to set a response for these decisions resulted in a JSON parse exception being thrown due to pxADMInputs not being populated (no models executed). This occurred only when using transactional actions in CDH, and was caused by the system only including predictive models during the make decision flow due to common inputs not being stored. While there was a workaround of overriding the property pzADMInputSource to use modelReferences instead of admInputContainer, this has been resolved by correcting how the pzADMinputsource field is populated. When there is no modelInput, the system will not populate that field so the page is ignored.
INC-201335 · Issue 690733
ConfigurationReconciliationTask updated for greater compatibility
Resolved in Pega Version 8.7
After updating from Pega 8.3 to Pega 8.6, models which previously had learning and performance AUC greater than 0.7 reported an AUC of 0.5. This was traced to the update handling in ConfigurationReconciliationTask. AdmRuleBrowser does not perform ruleset resolution, so all rules were returned, for example the rule for model A in both the 08-01 and 08-03 ruleset. The system then iterated over all of the adaptive model rules returned by AdmRuleBrowser in order to assess whether a configuration update was necessary. The condition to update the model rule was met when either the config key did not exist (indicating a newly added configuration) or the model rule was "old" (version <2). For models generated in Pega 8.3 or earlier the version number for all rules must be 1, and the update to Pega 8.6 therefore caused the ConfigurationReconciliationTask to be applied to all adaptive model rules. To resolve this, the configuration update check in ConfigurationReconciliationTask has been removed.
INC-157095 · Issue 638808
Enhancement added for tenant-level authentication
Resolved in Pega Version 8.7
In a multi-tenant PDC with a few tenants that utilize their own custom SSO, a pre-authentication activity inside a tenant that should block community access was also affecting tenants that did not have that pre-auth activity set. This was a missed use case and has been resolved by adding a tenantId hash in SchemePRAuth.makeUniqueSchemeName() to create the authServiceName.
INC-162434 · Issue 640051
LookUpList correctly executes during SSO login with model operator
Resolved in Pega Version 8.7
After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after upgrade new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved.
INC-163201 · Issue 646910
BrowserFingerprint updated
Resolved in Pega Version 8.7
Security improvements have been added to the browser fingerprint process.
INC-163914 · Issue 668846
Improved Agile Studio passivation recovery
Resolved in Pega Version 8.7
When an Agile Studio session was passivated, the error "SECU0008 : CSRF Detected and Blocked" was seen. Reactivating the session resulted in a blank page. This was traced to the clearing of requestor level registrations added for that particular thread, and has been resolved by adding a new flag to identify if a thread is passivated along with the necessary structure for the conditionalized clearing of requestor level registrations based on this flag.
INC-164336 · Issue 634151
URL validation updated to handle custom token endpoints
Resolved in Pega Version 8.7
While saving an authentication profile with OAuth details, validation was failing for a valid URL given in the access token endpoint and revoke token endpoint fields. This was traced to the use of the Apache URL validator, which considered some domains to be invalid. To resolve this, the urlvalidator constructor has been updated to include a custom RegexValidator for access token and refresh token URLs.
INC-168837 · Issue 646972
CSRF token updated for use with OKTA login
Resolved in Pega Version 8.7
An issue seen while connecting via OKTA has been resolved by updating the CSRF token validation for use with IDP initiated SSO login.