Skip to main content

Pega Customer Service for Insurance modified rules for BAC prevention

Suggest edit Updated on September 10, 2021

In release 8.3 and 8.5, Pega Customer Service for Insurance has modified the rules that invoke secured activities in Pega Platform. The query strings and parameters in the calls are registered so that they cannot be tampered with by the end users.

To see the list of modified rules for Pega Customer Service for Insurance, download the CSI-List-of-Rules-URL-Tampering.xlsx and CSI-85-List-of-Rules-URL-Tampering.xlsx files.

If you have overridden any of these rules in your Pega Customer Service for Insurance implementation layer, you need to update them with the changed rules. Run the Upgrade Checker to identify which of these changed rules are overridden in your implementation layer. For information about the Upgrade Checker, see the Pega Customer Service for Insurance and Pega Sales Automation for Insurance Upgrade Guide on the Pega Customer Service for Insurance product page.

For information about the enhancements to prevent Broken Access Control (BAC), and to see a list of rules and activities that were modified for all Pega Customer Service applications, see Pega Customer Service enhancements to prevent Broken Access Control.

  • Previous topic Support for integration with a third-party claims system
Did you find this content helpful? YesNo

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us