Pega ABAC (Attribute Based Access Control) is a model used to control user access to information in an enterprise system. It uses attributes associated with the user, the resource, and the environment in order to determine which users should be authorized or denied access to a resource. Pega ABAC also makes use of policies and rules to determine the level of access a user should have.
Pega Security is the system of tools, policies, user roles, and processes used to define and protect the use and management of the Pega platform and its data. Pega Security is designed to detect, prevent, and respond to security threats, risks, and attacks to the Pega platform, data, and applications. It also helps to ensure the privacy, integrity, and availability of customer data.
Pega Connect-REST supports multiple authentication schemes, including OAuth2, basic authentication headers, and custom headers.
OAuth2 is recommended for authenticated applications.
Basic authentication can be used if user identities are required, but these types of applications are often vulnerable to attack and require additional security measures.
Custom headers can be used to provide session-based authentication, where the header is passed with each request and contains authentication information.
Custom headers require additional development effort, but can provide more control over authentication and greatly improve security.
Authentication Profile in Pega Connect-REST allows for access to Secured REST services by specifying the credentials and security protocols. The profile is used to authenticate requests to external systems or access OAuth2 and OpenID Connect services for user-level authentication. Authentication Profile procedures can be configured to support Basic Authentication, OAuth2, and OpenID Connect protocols.
The authentication Profile in Pega Connect-REST is a set of configurations that defines the authentication mechanism and information used to authenticate an external system with the Connect-REST service. It includes a number of authentication details such as authentication type, trust store, user ID, password, OAuth configuration, and so on. An authentication profile also allows users to securely store and manage authentication tokens used in token-based authentication.
#security
We often see Queue processor activity or a Job scheduler activity runs longer than the threshold values which is directly impacting the performance of our applications, sometimes we don't know how to investigate those performance-related things.
Pega has come up with new alerts for Long-running queue processor and Job scheduler activities from Pega 8.5.
Pega now saves these alerts in the performance alert log. We can easily analyze these alerts directly in the log and address potential performance issues with long-running processes.
Multi-Select list control is added to user form so the users can select multiple values from the drop-down. These lists save time and ensure accuracy by supplying a list of valid values for an input field.
Sources for a Multi-Select list control:
