Skip to main content

Published Release Notes

Find release notes for the selected Pega Version and Capability

Browse resolved issues for Platform releases.

Add the security checklist to applications created before 7.3.1

Valid from Pega Version 7.3.1

The security checklist is now automatically added to applications. You can manually add the security checklist to applications that were created in earlier versions.

You can improve the security of your application by completing the tasks on the checklist.

The following task reflects the procedure on how to manually add the security checklists to Designer Studio prior to 7.3.1:

  1. In the header of Designer Studio, click the name of the application, and then click Definition.
  2. Click the Documentation tab.
  3. In the Application guides section, click Add guide.
  4. In the Application guide& field, enter pxApplicationSecurityChecklist.
  5. Click the Configure icon in the Available in column and select the portals (App Studio and Dev Studio) that you want to add the security checklist to.
  6. Click Save.

Generate documents in the background

Valid from Pega Version 7.1.8

When you generate system documentation by using the Document Application wizard (Designer Studio > Application > Tools > Document), the process now runs on a server and not on your local client system. This change not only generates your document more quickly, but also allows you to multi-task within Pega 7 while your document is generating in the background. When the generation is completed, download the document to your computer.

For more information, see:

Updating customized Application Document templates with server-side document generation

Screenshot generation still runs on local client

Warning message when opening server-generated documents

Screenshot generation runs on local client

Valid from Pega Version 7.1.8

If you generate screenshots to include in your application document, this process still runs on your local client. Additionally, you are still required to use Internet Explorer to use this feature.

Warning message when opening server-generated documents

Valid from Pega Version 7.1.8

Depending on your system configuration, the following warning message might be displayed when you open a document that was generated on the server.

If you click No, certain content (for example, Table of Contents) is not populated in the document. Instead, click Yes and save the document.

Warning message dialog

The warning message that displays

Link URLs to applications, requirements, and specifications

Valid from Pega Version 7.1.8

In addition to files, you can now attach URLs to applications, requirements, and specifications by using the Add/Edit Attachment modal dialog box in Pega 7. This change allows you to link directly to dynamic content in other URL-based systems rather than link to a static file of that content.

Improvements to the Document Application tool

Valid from Pega Version 7.2.1

Application profile documents and application documents generated by the Document Application tool have been improved to present information in a more logical order based on how the application was built (for example, by case life-cycle management). Also, these types of documents now include all specifications linked with an implementation rule, presented in logical order under the implementation rule.

In addition, to help you more efficiently drive decisions by stakeholders, you can specify whether to include related built-on application layer assets in application profile documents and application documents. For specification documents, you can specify whether to include specifications from the built-on application layer.

For more information, see Document Application tool.

Add custom HTTP response headers in your application

Valid from Pega Version 7.2.1

The Pega 7 Platform supports the addition of custom security HTTP headers that are supported by your browser. For example, you can now create custom X-Frame-Options, X-XSS-Protection, and Strict-Transport-Security headers. These headers improve the security of your application against client-based attacks.

For more information, see Creating a custom application header

Associate specifications on implementation rule forms

Valid from Pega Version 7.2.1

You can now view, add, and delete the specifications that are associated with a rule on the new Specifications tab of most rule forms. The Specifications tab is available for almost all implementation rules, except for administrative and deprecated rule types. By associating specifications with the rules that implement them, you improve the end-to-end traceability of your specifications.

For more information, see Associating specifications on implementation rule forms.

Attribute-based access control model

Valid from Pega Version 7.2.1

Attribute-based access control (ABAC) is a security authorization model in which access rights are determined through the use of policies and attributes. A policy decision engine in ABAC evaluates digital policies against available data (attributes) to permit or deny access to the requested resource. For example, you can now determine access rights to cases by examining security attribute values assigned to the user and the case.

For more information, see Attribute-based access control.

Integrated Application Security Checklist helps you deploy a secure application

Valid from Pega Version 7.3.1

Pega® Platform now provides an Application Security Checklist that you can refer to when you prepare your application for deployment. By completing the recommended tasks in this checklist, you can track your progress, access instructional information for tasks, and verify that your configurations are secure.

For more information, see Preparing your application for secure deployment, Compliance Score tab, Designer Studio — Home page.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us