Skip to main content

Published Release Notes

Find release notes for the selected Pega Version and Capability

Browse resolved issues for Platform releases.

This documentation is for non-current versions of Pega Platform. For current release notes, go here.

Enabling security policies now requires current password

Valid from Pega Version 7.1.3

As part of Pega’s initiative to protect against malicious attacks, the change password dialog has been enhanced.  When Security Policies have been enabled for your system, new users or those with expired passwords will now be prompted for both their existing password as well as their desired new password.

For more details, review the Designer Studio > System > Settings > Security Policies landing page.

BIX performance improvements for CSV output in the Pega Cloud

Valid from Pega Version 7.2.1

BIX performance has been enhanced to download up to 25 GB of data per hour for extracts from a BLOB-less class table for CSV output. This high-throughput option is available only for Pega Cloud instances that use a Postgres database. This option is used automatically for these types of extracts.

When this option is used, the –x and –c command-line options for BIX are not supported, and the checkSum field in the manifest summary is not populated. If you need these options, you can revert to the previous implementation by using a setting in the prconfig.xml file.

For more information, see BIX high-throughput data downloads in the Pega Cloud.

Add custom HTTP response headers in your application

Valid from Pega Version 7.2.1

The Pega 7 Platform supports the addition of custom security HTTP headers that are supported by your browser. For example, you can now create custom X-Frame-Options, X-XSS-Protection, and Strict-Transport-Security headers. These headers improve the security of your application against client-based attacks.

For more information, see Creating a custom application header

Attribute-based access control model

Valid from Pega Version 7.2.1

Attribute-based access control (ABAC) is a security authorization model in which access rights are determined through the use of policies and attributes. A policy decision engine in ABAC evaluates digital policies against available data (attributes) to permit or deny access to the requested resource. For example, you can now determine access rights to cases by examining security attribute values assigned to the user and the case.

For more information, see Attribute-based access control.

The Scratch Pad tool is no longer available

Valid from Pega Version 7.3.1

The Scratch Pad tool is no longer available. To add properties to a report from an end user portal, use the Data Explorer. The Data Explorer provides an efficient way to find a property or calculation to include as a column in a report.

For more information, see Data Explorer.

Integrated Application Security Checklist helps you deploy a secure application

Valid from Pega Version 7.3.1

Pega® Platform now provides an Application Security Checklist that you can refer to when you prepare your application for deployment. By completing the recommended tasks in this checklist, you can track your progress, access instructional information for tasks, and verify that your configurations are secure.

For more information, see Preparing your application for secure deployment, Compliance Score tab, Designer Studio — Home page.

Encrypt sensitive case data by using a secure default Pega Platform cipher and AWS KMS keys

Valid from Pega Version 7.3.1

You can encrypt sensitive data within your application without having to write custom cipher classes. You can configure encryption on the Data Encryption landing page by using your own keys managed in your private Amazon Web Services Key Management Service (AWS KMS) instance. Pega® Platform encryption uses keys that are stored in AWS KMS to support both time-based and on-demand key rotation. Technical issues can arise in some cases, for example, if a key is deleted from AWS KMS.

For more information, see Potential problems with keystores when using AWS KMS, Configuring a Platform cipher, Types of ciphers.

REST services support password credentials and JWT Bearer grant types

Valid from Pega Version 7.3.1

Pega® Platform REST services now support password credentials and the JWT (JSON Web Token) Bearer grant type when you enable OAuth 2.0-based authentication. By using password credentials, you can quickly migrate clients from direct authentication schemes, provide additional flexibility when other grants are not available, and integrate your application with REST services in other applications. You can add compatibility with modern JWT-based cloud security IDPs by using the JWT Bearer grant type.

For more information, see About OAuth 2.0 Provider data instances, OAuth 2.0 Client Registration data instances - Completing the Client Information tab, Creating an Identity Mapping data instance.

Custom scaling on x-axis for bubble charts

Valid from Pega Version 7.3.1

Bubble charts now support custom scaling for the x-axis as well as the y-axis. For example, you can now configure a fixed range for the x-axis.

For information about including a chart in a report, see Adding or editing charts from the Report Definition rule form.

Enable users to save charts as .png files

Valid from Pega Version 7.3.1

You can now enable users to save a report chart as a .png file. On the Chart tab of the Report Definition rule form, click General settings and select the Export chart to image check box. When you select this option, users are provided with the Save as image option, which they can use to save an image of the chart to include in a Word document or email.

For information about including a chart in a report, see Adding or editing charts from the Report Definition rule form.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us