Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

This content has been archived and is no longer being updated.

Links may not function; however, this content may be relevant to outdated versions of the product.

Security assets and the environment

Updated on July 1, 2021

Beyond authentication, authorization, and auditing, Pega Platform offers many other security features that you can configure, such as encryption, HTTP response headers, and Web Service Security profiles. Use these features to ensure that your system is as secure as possible.

  • Encrypting data

    To make your data more secure, you can select the type of encryption to use in your application to encrypt and decrypt passwords, properties, and BLOBs.

  • OAuth 1.0 clients

    The OAuth standard framework enables secure, delegated access to services over HTTPS. OAuth provides tokens (sometimes called "valet keys") that provide access to your data that is hosted by a specific service provider. Each token grants access to a specific site for specific resources, for a defined period of time. A later version of this protocol, OAuth 2.0, uses a different data instance type.

  • Encrypting system data by using a custom key management service

    You can encrypt system data by using an encryption key that is sourced from a custom key management service that is accessed from a data page. You source a key in this way when you use a key management service that is not one of the supported keystore platforms.

  • Changing the default keystore caching settings

    You can change the values of the KeyStoreCacheExpireTime and KeyStoreCacheSize settings to control how often the keystore cache is refreshed and to restrict cache size. The lower the values, the less memory is used, but processing power is reduced.

  • Importing an X.509 certificate

    You can import X.509 certificates that are defined in keystore instances of type JKS or PKCS12. They become active without your having to restart the server.

  • Securing your application for mashup communication

    If you use the mashup feature to embed Pega Platform content in an external application, define the external URLs that are allowed to access Pega Platform so that the host page can communicate with the mashup gadget page.

  • Securing an Activity

    You can better protect your application by limiting how an Activity can be executed and who may execute it by configuring Activity-specific access control.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us