Skip to main content

Published Release Notes

Find release notes for the selected Pega Version and Capability

Browse resolved issues for Platform releases.

This documentation is for non-current versions of Pega Platform. For current release notes, go here.

Automate business process tracking by importing Excel files

Valid from Pega Version 8.5

To track business processes status and data, you can now import Excel files when you create a case or data object in App Studio. This functionality provides the following enhancements:

  • You can now upload a CSV file when you create a case or data object in App Studio. By importing a CSV file, you can use the data in your spreadsheet to define your data model.
  • You can generate a data import template that you can use to import a file in its original format during production.
  • You can upload .xlsx files to avoid resaving your Excel file as a CSV file.

For more information, see Creating a data model from a spreadsheet.

Data APIs support data exploration in React UI tables

Valid from Pega Version 8.5

Data APIs have been enhanced to support filtering, sorting, paging, and aggregation in React UI tables. You can use that functionality to access your data quickly and intuitively. For example, by using paging, you can query a data page to retrieve the second page of an employee contact list and specify the number of results that are displayed on the page.

For more information, see Data API performance and limitations.

Support for advanced validation of embedded and referenced data

Valid from Pega Version 8.5

To help you define validation conditions for a broader range of use case scenarios, Pega Platform™ now supports stage entry validation for embedded fields in the form of a validation matrix. You can now define validation conditions for both field groups and field group lists, and easily navigate between them. You can also select any fields and when conditions while building a condition for both field-level and stage-level validation.

For more information, see Validating field values for stage entry.

Support for application-specific REST API calls

Valid from Pega Version 8.5

You can now call an authenticated REST API in the context of any application that is listed on an operator record by using the application alias URL. With the application alias URL, you can also develop REST services without changing the access group in the service package. REST services run in the context of the access group that points to the provided application, instead of the access group that is specified in the service package.

For more information, see Invoking a REST service rule.

Complete email and notification approval in App Studio

Valid from Pega Version 8.5

App Studio now supports complete email approval configuration directly in the Case Designer. Email approval settings now include composing a new message or selecting a template, saving templates to a library for future reuse, and adding attachments to an email. Additionally, you can now send the approval as a push notification to mobile users. With full configuration of email approval in App Studio, you save time and create unique and personalized email messages and push notifications in a no-code, intuitive way. 

For more information, see Obtain approvals from email and push notifications from App Studio (8.5), Requesting approval by email and push notification.

Business logic routing of approval steps

Valid from Pega Version 8.5

Pega Platform™ now supports routing of approval steps by applying business logic, in both App Studio and Dev Studio. Business logic uses a set of conditions to determine the most appropriate worker to approve a case by routing the approval based on defined conditions. For example, in a loan request case, the application can route the approval step to a manager if the importance of the case is set to high. For greater accuracy, business logic can also use skill set, availability, and workload to determine the appropriate worker. With business logic routing, you increase work efficiency and speed up case resolution.

For more information, see Determine a relevant case approver by using business logic (8.5), Requesting approval from users.

Savable data pages support loading pages individually from a page list

Valid from Pega Version 8.5

You can now load individual pages in a page list from single object data pages to your case and data types. This functionality allows you to save autopopulated properties with the Load each page individually option using a flow action, save data page smart shape, or the activity method.

For more information, see Saving data in a data page as part of a flow.

Default Create stage in a case life cycle

Valid from Pega Version 8.5

Pega Platform™ now adds a default Create stage to a case life cycle every time you create a new case type, both in App Studio and Dev Studio. The default Create stage includes a view that users interact with to provide initial data before case processing begins. Consequently, you can now easily locate the view to make any necessary changes. In the background, the Create stage makes a case type independent from the starting process, which removes relevant advanced configurations and makes application development faster.

For more information, see Capture initial data faster with the default Create stage (8.5), The Create stage.

Improvements to OAuth 2.0 Services with Token Introspection Service and Token Denylist Service

Valid from Pega Version 8.5

Increase the security of user sessions by using the newly supported Token Introspection and Denylist services for OAuth 2.0.

Token Introspection service

Use the Token Introspection service to validate JSON Web Tokens (JWT). The Token Introspection service requires authentication. 

Pega now uses OAuth 2.0 access tokens called Authorized Access Tokens (AAT). 

Token Introspection service endpoint

The Token Introspection service endpoint provides the information about the status of access token and refresh token. Token introspection can be used to validate if a given token is still active or inactive. The token introspection endpoint determines whether the token is valid. The status indicates whether an access token or refresh token is valid or invalid: 

  • Valid tokens have the “active”:true status
  • Invalid tokens have the “active” :false status.

The inactive status can also be due to revocation. 

Token Denylist service

You can add tokens to the deny list in cases where suspicious activity might have occurred. The Token Denylist service provides a method for denying user access to the application by revoking the user's access token. This service can prevent a token from being used more than the specified number of times, which can be helpful in preventing replay attacks. Stolen tokens should be revoked using this service. A GET API is also available to get the list of denied tokens.

Keys endpoint

Pega Platform™ is changing from using opaque tokens to JSON Web (JWT) tokens. If this JWT is used by any other system, the public key is needed for signature verification. A new endpoint is exposed to provide these public keys in JWK format: https://host:port/prweb/api/oauth2/v1/token/keys.

 

For more information, see OAuth 2.0 Management Services.

Enhanced refresh token strategy

Valid from Pega Version 8.5

You now have more precise control over your refresh token expiration strategy. When a refresh token is enabled, you can choose to set its initial expiration based on the value provided by the IDP. The refresh token expiry can be derived from IDP’s session timeout when SSO is used with external IDP for user authentication in the authorization code grant flow. You can also specify a separate refresh token expiration strategy based on your use-case. 

These can be configured in the OAuth2 Client registration rule form.

For more information, see Enhanced refresh token strategy.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us