Support for the JSON Web Token Bearer grant type for accessing external APIs
Valid from Pega Version 8.4
You can now access external APIs by using the new OAuth 2.0 JSON Web Token (JWT) Bearer grant type, in an OAuth 2.0 authentication profile. To use the JWT Bearer grant type as a client assertion, source the JWT from an active SSO session, a token profile, or a property reference. You can use JWTs that you obtain during an OpenID Connect SSO in connectors, to achieve user impersonation flows, such as the On-Behalf-Of (OBO) flow. The OAuth 2.0 type authentication profile now also supports authentication of client applications by using Private Key JWTs.
Instances of the OAuth 2.0 provider are now deprecated. As a best practice, use the new, unified authentication profile configuration instead.
For more information, see Configuring an OAuth 2.0 authentication profile.
After an upgrade to Pega Platform 8.4 and later, Authentication Profiles can take advantage of the new JWT based OAuth 2.0 grant type and client authentication features. To take advantage of this and other new security features, you must update any existing Authentication Profiles formats must to use those in Pega Platform 8.4 and later.
What steps are required to update the application to be compatible with this change?
Since these features are available only for profiles created in Pega Platform 8.4 and later, clients must open and then save existing 'Authentication Profile' instances to ensure that the configuration is compatible with the latest authentication formats.
Custom application URL alias in the application definition
Valid from Pega Version 8.4
Create application URL aliases that support your ability to launch multiple Pega applications simultaneously in a single browser. This feature makes it easier for clients and your customers to log into multiple applications using the same browser and access them simultaneously. You configure your application URL alias in the application definition. For details, see Adding an application URL alias.
For more information, see Simplify access with an Application URL alias (8.4).
After an upgrade to Pega Platform™ 8.4 and later, review to determine if and how you must update your application rules to reflect the current URL aliasing format. As part of these application rule updates, Pega also updated the URL format and value components of the clipboard property, pxRequestor.pxReqServletNameReal, which you can use to discover a servlet name. If your application uses this property to discover a servlet name, update the pxRequestor.pxReqServlet property in the application rule to use the new, required URL and value formats.
For details steps, see the section, Upgrading from Pega 8.3 or earlier: Guidelines for any required changes in your application URL aliasing in the appropriate Pega Platform Upgrade Guide available at Deploy Pega Platform.
What steps should the customer take to update their application?
After upgrading, you must update your JMeter test scripts. For detailed steps, see Updating JMeter test scripts after migrating to Pega 8.4.
Valid from Pega Version 7.1.4
This release focused on improving the user experience of creating new rules and tightening up the use of specifications in the Case Designer. The layout of the New and Save As forms were made more intuitive and intelligent. Specification actions were made to be more consistent across various aspects of the Case Designer.
- After removing specification references, users can create and save a new specification.
- Developers may now choose either an existing specification or create a new one for subflows and Split-For-Each shapes.
- If a specification is not associated with flow shapes such as sub flows, Utilities, or Split-For-Each, it is possible to import speciications with the same names, and the flow shapes will default to using those imported specs.
- In the outline view, specification changes will be preserved when switching from tab to tab.
- The View Full Details functionality from either Configure Step or the Outline View will display all details, including the specification requirement links.