Defining security information for an operator

Use the Security tab to manage operator authentication, passwords, and license type, to allow rule check out, and to enable and disable the operator.

Note: The Unattended operator (robot) check box is selected if this operator is a robotic automation virtual machine (VM). Unattended operators are generated for each registered VM in a robotic process automation (RPA) solution.
  1. To change an operator's password, click Update password.
    1. In the Change Operator ID Password dialog box, in the New Password field, enter the new password.
    2. In the Confirm New Password field, reenter the password to confirm it.
    3. Click Submit.

    The system converts the password to a hash value by using the salted bcrypt algorithm. The hashed value is contained within the Storage Stream (BLOB) column of the pr_operators table. By using the View XML action, you can discover only the hashed form of any operator password.

    You can set the password policy from Configure > System > Settings > Security Policies.

    As a security feature, the passwords for [email protected] and three other initial operator IDs can be changed only by logging in as one of those operators.

  2. Optional: To allow this operator to update rules in rulesets that use rule checkout, select the Allow rule check out check box.
  3. Optional: To authenticate this operator only through external authentication facilities, select the Use external authentication check box.
  4. Optional: To force the operator to change their password next time the operator logs in, select the Force password change on next login check box.
  5. Optional: To disable the operator, select the Disable Operator check box.
    Note: If the operator is provided with Pega Platform, enter a new password that is consistent with your security policies. Change the password by clicking Update Password and send the new password to the enabled operator.
  6. Optional: In the Starting activity to execute field, specify the first activity that the system runs after this user is authenticated. The default is Data-Portal.ShowDesktop.
  7. In the License type list, click the license type.
    • Named – Human users who do business operations by using an application or customer-created interface
    • Invocation – Abstract users that are used for agents, services, and other background processes, and external users whose processing is typically done through the Directed Web Access feature