Skip to main content

Published Release Notes

Find release notes for the selected Pega Version and Capability

Browse resolved issues for Platform releases.

This documentation is for non-current versions of Pega Platform. For current release notes, go here.

Support for the JSON Web Token Bearer grant type for accessing external APIs

Valid from Pega Version 8.4

You can now access external APIs by using the new OAuth 2.0 JSON Web Token (JWT) Bearer grant type, in an OAuth 2.0 authentication profile. To use the JWT Bearer grant type as a client assertion, source the JWT from an active SSO session, a token profile, or a property reference. You can use JWTs that you obtain during an OpenID Connect SSO in connectors, to achieve user impersonation flows, such as the On-Behalf-Of (OBO) flow. The OAuth 2.0 type authentication profile now also supports authentication of client applications by using Private Key JWTs.

Instances of the OAuth 2.0 provider are now deprecated. As a best practice, use the new, unified authentication profile configuration instead.

For more information, see Configuring an OAuth 2.0 authentication profile.

Upgrade impact

After an upgrade to Pega Platform 8.4 and later, Authentication Profiles can take advantage of the new JWT based OAuth 2.0 grant type and client authentication features. To take advantage of this and other new security features, you must update any existing Authentication Profiles formats must to use those in Pega Platform 8.4 and later.

What steps are required to update the application to be compatible with this change?

Since these features are available only for profiles created in Pega Platform 8.4 and later, clients must open and then save existing 'Authentication Profile' instances to ensure that the configuration is compatible with the latest authentication formats.

Custom application URL alias in the application definition

Valid from Pega Version 8.4

Create application URL aliases that support your ability to launch multiple Pega applications simultaneously in a single browser. This feature makes it easier for clients and your customers to log into multiple applications using the same browser and access them simultaneously. You configure your application URL alias in the application definition. For details, see Adding an application URL alias.

For more information, see Simplify access with an Application URL alias (8.4)

Upgrade impact

After an upgrade to Pega Platform™ 8.4 and later, review to determine if and how you must update your application rules to reflect the current URL aliasing format. As part of these application rule updates, Pega also updated the URL format and value components of the clipboard property, pxRequestor.pxReqServletNameReal, which you can use to discover a servlet name. If your application uses this property to discover a servlet name, update the pxRequestor.pxReqServlet property in the application rule to use the new, required URL and value formats.

For details steps, see the section, Upgrading from Pega 8.3 or earlier: Guidelines for any required changes in your application URL aliasing, in the appropriate Pega Platform Upgrade Guide available at Deploy Pega Platform

What steps should the customer take to update their application?

After upgrading, you must update your JMeter test scripts. For detailed steps, see Updating JMeter test scripts after migrating to Pega 8.4.

Addition of Servlet Management

Valid from Pega Version 8.6

Pega Platform™ now has Servlet Management in Pega Cloud® Services, which provides a simple and secure way to make changes to Pega Platform servlet definitions.

Servlet Management provides Pega Cloud Service clients with solutions to manage servlet configurations with self-service options. This reduces the cycle time for delivering configuration changes in Pega Cloud Service installations while also improving upgrade reliability

For more information, see Servlet management.

Upgrade impact

Clients with no application servlet customizations will not experience an impact. If you upgrade from Pega Platform version 8.5 or earlier and, prior to the upgrade, the Pega Cloud team provided your application servlet customizations, then following the upgrade, you must manually add, remove, or modify your servlet customizations in your upgraded application using this servlet management landing page in Pega Platform.

What steps are required to update the application to be compatible with this change?

To manually move your pre-upgrade servlet customizations as appropriate or add new ones to your upgraded application using the new servlet management landing page, follow the steps in Adding a servlet.

Upgraded selected third-party JAR files to support Pega Platform functionalities

Valid from Pega Version 8.6

Pega Platform™ 8.6 now provides upgraded versions of the JAR files that support various functionalities within the Platform, such as generating documents or PPTX files.

Upgrade impact

If you have custom implementations and use any classes from the upgraded JAR files directly in your code or through JAR APIs, after your upgrade to Pega Platform 8.6, your application might experience unexpected run-time behavior if the upgraded JAR version lacks any elements from the previous version. For example, custom implementations can typically include activities, functions, or non-autogenerated sections. Unexpected run-time behavior might also occur when you use a third-party library that has dependencies on the upgraded JAR files. If you use only default Pega Platform functionalities without any customizations, the JAR files continue to work correctly without any additional actions.

What steps are required to update the application to be compatible with this change?

If you have any JAR customizations, ensure that you test the upgraded JAR files for compatibility and upgrade impact. The following table lists the upgraded JAR files that might impact your application:

JAR file nameUpgraded version
apache-mime4j-core0.8.3
apache-mime4j-dom0.8.3
commons-codec1.15
commons-collectionons44.4
commons:commons-math33.6.1
commons-compress1.20
commons-lang33.9
fontbox2.0.19
httpclient4.5.12
httpcore4.4.13
httpmime4.5.12
istack-commons-runtime3.0.8
jackson-annotations2.10.3
jackson-core2.10.3
jackson-databind2.10.3
jaxb-runtime2.3.2
java-libpst0.9.3
jcommaner1.78
junrar4.0.0
metadata-extractor2.13
openjson1.0.11
parso2.0.11
pdfbox2.0.19
poi4.1.2
poi-ooxml4.1.2
poi-ooxml-schemas4.1.2
poi-scratchpad4.1.2
slf4j-api1.7.28
xmlbeans3.1.0
xmpcore6.1.10

For more information, refer to the documentation of  your JAR provider.

Insights from 8.5 require additional configuration after upgrade

Valid from Pega Version 8.6

Upgrade impact

After you upgrade Pega Platform™ version 8.5 to 8.6, the Explore Data landing page might not include insights that come from the earlier version of the product.

What steps are required to update the application to be compatible with this change?

Run the pxUpgrade85Insights activity to make all insights from version 8.5 accessible for you in 8.6. By running this activity, you upgrade insights with new metadata that is required in version 8.6. For example, the pxUpgrade85Insights activity provides you with the option to set the visibility of insights to private, public or shared.

For more information about insights, see Visualizing data with insights.

New privilege required to access the Search landing page

Valid from Pega Version 7.4

After upgrading to Pega® Platform 7.4, users who do not have the pxAccessSearchLP privilege cannot access the Search landing page. The pxAccessSearchLP privilege is automatically assigned to the SysAdm4 role. If you have other roles that require access to the Search landing page, you must add the pxAccessSearchLP privilege to those roles.

For more information about assigning privileges to roles, see User privilege authorization. (Link to: basics/v6portal/landingpages/accessmanager/customizeprivilegestab.htm)

Known issue: SAML IdP import uses only the last certificate

Valid from Pega Version 7.4

When you configure the identity provider for a SAML SSO authentication service, the backing keystore rule for the verification certificate is created with only the last certificate from the IdP metadata, instead of using all of the certificates. 

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us