Skip to main content

Published Release Notes

Find release notes for the selected Pega Version and Capability

Browse resolved issues for Platform releases.

This documentation is for non-current versions of Pega Platform. For current release notes, go here.

Enabling security policies now requires current password

Valid from Pega Version 7.1.3

As part of Pega’s initiative to protect against malicious attacks, the change password dialog has been enhanced.  When Security Policies have been enabled for your system, new users or those with expired passwords will now be prompted for both their existing password as well as their desired new password.

For more details, review the Designer Studio > System > Settings > Security Policies landing page.

BIX performance improvements for CSV output in the Pega Cloud

Valid from Pega Version 7.2.1

BIX performance has been enhanced to download up to 25 GB of data per hour for extracts from a BLOB-less class table for CSV output. This high-throughput option is available only for Pega Cloud instances that use a Postgres database. This option is used automatically for these types of extracts.

When this option is used, the –x and –c command-line options for BIX are not supported, and the checkSum field in the manifest summary is not populated. If you need these options, you can revert to the previous implementation by using a setting in the prconfig.xml file.

For more information, see BIX high-throughput data downloads in the Pega Cloud.

Add custom HTTP response headers in your application

Valid from Pega Version 7.2.1

The Pega 7 Platform supports the addition of custom security HTTP headers that are supported by your browser. For example, you can now create custom X-Frame-Options, X-XSS-Protection, and Strict-Transport-Security headers. These headers improve the security of your application against client-based attacks.

For more information, see Creating a custom application header

Support for encrypted traffic in a cluster

Valid from Pega Version 7.3

The Pega 7 Platform includes the Ignite platform, which supports encryption for intra-cluster communications. You can now configure encryption for intra-cluster traffic for compliance with regulatory or organizational security requirements.

For more information, see Enabling encrypted traffic between nodes.

Attribute-based access control model

Valid from Pega Version 7.2.1

Attribute-based access control (ABAC) is a security authorization model in which access rights are determined through the use of policies and attributes. A policy decision engine in ABAC evaluates digital policies against available data (attributes) to permit or deny access to the requested resource. For example, you can now determine access rights to cases by examining security attribute values assigned to the user and the case.

For more information, see Attribute-based access control.

Chart drilldown capabilities extended to dashboard widgets

Valid from Pega Version 7.3

When the chart for a report is displayed in a dashboard widget, you now can click any part of the chart to drill down and view the subset of data for that part. This enhancement provides you with an accurate view of the data that determines the report results. Previously, this capability was provided only in the Report Viewer.

Enhancements to exporting report results to Excel

Valid from Pega Version 7.3

When you export report results to Excel, the .xlsx file that the export process generates is smaller, opens faster, and no longer displays a security warning when you open it. Excel handles more of the formatting, and DateTime, Date, TimeOfDay, and Numeric properties are exported in a format that Excel recognizes. In addition, columns have sorting and filtering enabled by default.

These enhancements are enabled by default and provide improvements to performance and memory usage, especially with large data sets. You can disable this new default behavior by modifying the pyEnableExportToAdvancedExcelFormat when rule. For more information, see Disabling the default functionality for exporting reports to Excel.

Monitor standard and custom security events

Valid from Pega Version 7.3

From the new Security Event Configuration landing page, you can select the standard and custom security events that you want the Pega 7 Platform to log automatically for every user session. The security events are grouped into the following types:

  • Authentication
  • Data access
  • Security administration
  • Custom

The API logCustomEvent() is provided so that you can create custom security events that are specific to your applications and that can be monitored by the Pega 7 Platform. For more information, see Security Event Configuration.

SAML configuration supports global resource settings

Valid from Pega Version 7.3

In the SAML Authentication Service form, you can now use global resource settings, which allow greater flexibility for values that change compared to using fixed text values. Apply global resource settings, which are dynamic values, in the Identity Provider (IdP) information section and the Service Provider (SP) settings section of the form.

For more information, see Authentication Service form - Completing the SAML 2.0 tab.

Restrict visibility of scalar property values for certain users

Valid from Pega Version 7.3

You can use the Access Control Policy rule to mask individual scalar property values from specified users. You can restrict visibility for the following property types:

  • DateTime
  • Integer
  • Text

For more information, see Masking property visibility for users.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us