Provide access to applications for any person or external system signing in through the
Optionally, identify an access group — or in special situations, more than one access
group — to be available to requestors of this type. As a user or other requestor signs on, the
system adds the RuleSets and versions in the application rules of the selected access group to
the user's RuleSet list.
|Define this requestor type using|| Select |
an Application-based Access Group.
|Access Group Name||Optional. Identify an access group that contains an application rule and one or
more access roles. The RuleSets and versions identified in the application rule in
this access group become visible (to rule resolution) for all requestors of this
Except as described below, enter only one row in this array, and select the
radio button for that row.
BATCH instance, you can list additional access groups
that are to be available to legacy agents, for the agents where the
Agents field on the Security tab
of the Agent Queue data instance is blank.
- For example, list access groups for the Pega-ProCom agent here; the agent
needs application-specific access to send correspondence and to find and enforce
service-level agreements (SLAs).
- If the Agents field on the
Security tab of the Agent Queue data instance is not
blank that access group is used, and the list in the
requestor data instance is ignored.
BROWSER instance, you can list additional access
groups that are to be available to all browser users — including unauthenticated
users — through the application switching facility.
You may enter additional access groups in this array for requestor data
instances other than the
- As a best practice to restrict access to authenticated users, list such
access groups in an Organization data instance, rather than in the
BROWSER requestor data instance.
- It is required to distinguish unauthenticated access groups from authenticated
access groups. Therefore, any access groups specified here must NOT match access
groups specified for operators.
- Standard rules ignore all rows except the single access group that is marked
with a selected radio button.
- This array is not a means to provide more than one access group to services or
These fields appear for Requestor Type data instances with
Lists of RuleSets and Roles. This approach is deprecated for new
|STARTING RULESETS||RuleSet or RuleSet:Version. Order is significant.|
|STARTING ROLES||Access role. Order is not significant.|