Skip to main content


Verifying requests when using custom controls

Suggest edit Updated on June 30, 2021

Pega Platform protects access to information in your application by using role-based settings and access control policies. Pega Platform provides additional request verification when you use autogenerated controls.

To identify the rules that you need to configure, see Identifying the custom controls to configure.

When you see the message "Unregistered request encountered" in the security alert log, you need to fix the behavior of the non-autogenerated control that invokes the specified activity. There are three ways to register the rule or encrypt the URL to prevent this alert from being logged, depending on the rule type.

  1. Configuring the custom control by using the rule form — Use the rule form when a control such as a button calls the Run Script action, which in turn calls a custom function.
  2. Configuring the custom control by encrypting the URL in JavaScript — Use JavaScript when you cannot use the rule form and your control calls custom JavaScript.
  3. Configuring the custom control by registering the action page in Java — Use Java when your control calls a custom rule (other than a function) and you do not have access to JavaScript.
Did you find this content helpful? YesNo

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us