When first installed, your system contains only certain access groups, each linked to the standard application rule PegaRULES.06.01.zz.
Caution: To protect the integrity of your Pega 7 Platformsystem and to avoid upgrade issues, you cannot update these access groups. As a best practice, use the New Application wizard to create access groups and Operator IDs for your organization.
To list all of the access groups on your system, select Designer Studio > Org & Security > Security > Access Groups.
Name |
Purpose |
PRPC:Administrators |
An access group that serves as a template for access groups for developers, system administrators, and other users of the Designer Studio. Caution: Except upon initial use of a newly installed Pega 7 Platform system, do not log in with Operator IDs that directly reference this access group, which has special restrictions preventing certain updates. Instead, create organization-specific operators and access groups using the Organization Setup gadget. See More about Access Groups. |
PRPC:Agents |
For all Note: For service requests, this access group applies only temporarily, until the system finds the service package, typically using a key part provided by the listener or the arriving request. At that point, the access group in the Service Package data instance (Data-Admin-ServicePackage class) applies, whether or not the service request is to be authenticated. That access group can provide the service with access to other RuleSets, privileges, and access roles. If you edit Data-Admin-Requestor.BATCH such that it no longer has access to the PRPC:Agents access group and then upgrade the Pega 7 Platform, the system may fail to start after the upgrade. |
PRPC:PortalUsers |
For JSR-168-compliant portlet access. See About Service Portlet rules. |
PRPC:Unauthenticated |
For guest users. |
PRPC:WorkManagers |
For managers. This is a sample; create access groups for managers that provide access to the portal, RuleSets, and privileges appropriate to their needs. |
PRPC:WorkUsers |
For users who are not managers. This is a sample; create access groups for managers that provide access to the portal, RuleSets, and privileges appropriate to their needs. |
These are retained to support applications created in Version 4.2 and Version 5.X systems. They are deprecated and not recommended for continued use.
Name |
Purpose |
PegaRULES:Administrators | Deprecated. Use the Administrators access group shipped with the product. |
PegaRULES:WorkManagers | Deprecated. Use the WorkManagers access group shipped with the product. |
PegaRULES:Agents | Deprecated. Use the Agents access group shipped with the product. |
PegaRULES:PortalUsers | Deprecated. Use the PortalUsers access group shipped with the product. |
PegaRULES:Unauthenticated | Deprecated. Use the Unauthenticated access group shipped with the product. |
PegaRULES:WorkUsers | Deprecated. Use the Administrators access group shipped with the product. |
PegaRULES:ProcessArchitects | Deprecated. Use the Administrators access group shipped with the product. |
PegaRULES:SystemArchitects | Deprecated. Use the Administrators access group shipped with the product. |