Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Defining a run-time configuration for an access group

Updated on March 15, 2022

You can define settings for an access group that are related to run-time rulesets and accessibility for users and other requestors who belong to an access group.

Before you begin: You must complete one of the following tasks before defining a run-time configuration for an access group:
  • Create an access group as described in Creating an access group.
  • Open an existing instance from the navigation panel by clicking RecordsSecurityAccess Group and selecting an instance.

To define a run-time configuration for an access group, click the Advanced tab and navigate to the Run time configuration section. Choose any of the following options.

  • To provide users with more accessible versions of several standard harness, section, and flow actions , select Enable accessibility add-on.
    To provide maximum accessibility support, include the PegaWAI ruleset in the Production Rulesets list for such users. For more information, see Understanding accessibility.
  • For users who belong to the access group and who have design-time permission in a production setting, provide the names of one or more Production Rulesets that contain the updated rules.
    For example, in a production setting, you can identify one ruleset and version that remains unlocked and holds only rules that are expected to change often. Such rules can be delegated to management. A ruleset with this purpose is sometimes called a local-only or production ruleset.
    Caution: Leave this blank except for developers and other users who modify rules. While your profile includes the ruleset versions listed here, they are not considered part of the current application. Rules in the ruleset versions listed here might not be visible in the Application Explorer, Guardrails tool, or Document wizard facilities.

    As a best practice for good security, and to avoid a warning when you save the Access Group form, select from the ruleset versions that appear in the Production Rulesets (customization) array on the Definition tab of the Application rule.

    The system uses this information at log-on time to assemble the ruleset list for this user. The order of your entries in this array affects rule resolution. At login, the system appends these entries to the top of your ruleset list, but starting at the bottom of this array. The order of rows in this array becomes the order in which they appear in the ruleset list.

    Except for access groups that have the PegaRULES:WorkUser4 role, include at least one ruleset version that is not locked. If all ruleset versions that a user can access are locked, the user cannot create new rules. Typically, managers have access to a local customized ruleset for storing only those rules that are personal, customized versions of reports.

    Note: List distinct rulesets here. A user or other requestor can access rules in only one major version of a ruleset. For example, access to version 04-10-15 includes access to 04-10-14 and 04-04-11, but not to 03-01-01 or 02-15-07.
    For example:

    If, during sign-on, the access group is accessed when the (partial) ruleset list contains Alpha:01, Beta:02, and Gamma:03 (in that order), and this array contains Red:07, Blue:08, and Green:09 (in that order), the result is Red:07, Blue:08, Green:09, Alpha:01, Beta:02, Gamma:03.

    You can include a full version number or an initial portion of a version number. Separate the ruleset name from the version (or partial version) with a colon, as in these examples:

    • MORTGAGE:02-07 – Initial portion (major and minor version)
    • MORTGAGE:02-07-20 – Full version number
  • Previous topic Configuring security settings for an access group
  • Next topic Defining a design-time configuration for an access group

Related articles

Learning about access groupsCreating an access group

Tags

Pega Platform 8.7 Security

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Visit the Support Center

Did you find this content helpful?

Yes
No

Want to help us improve this content?
Suggest an edit

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us