Hi all,

We have enabled the security policies in our application. It's in place and working as expected (say for e.g Pwd length should be 8 characters).
Now what we want is to exclude some of the operators from the security rules (e.g their pwd can be 'rules').

Any idea how do we do that??

Note: There is an Operator exclusion list present on the security page at the bottom, but what does is not what I am looking for. It just excludes operator from being disabled, but the security rules are applied as-is.

  • mahi
    Security policies in Pega work specific to the organization and not to any applications (or) operators (or) custom need. Which means, security policies provided in Pega will be common across an organization (Environment) and can't be specialized based on business need.

    Exclusion operation in security policies is intended for a different purpose. You can go through the usage of the security policies from our article.

    To answer your question, we might need to explain the limitation of the product to your client, or else we might need to disable OOTB security policies and should implement our application-specific security policies from scratch.

    Let us know if this helps 🙂

mahi
Security policies in Pega work specific to the organization and not to any applications (or) operators (or) custom need. Which means, security policies provided in Pega will be common across an organization (Environment) and can't be specialized based on business need.

Exclusion operation in security policies is intended for a different purpose. You can go through the usage of the security policies from our article.

To answer your question, we might need to explain the limitation of the product to your client, or else we might need to disable OOTB security policies and should implement our application-specific security policies from scratch.

Let us know if this helps 🙂

    Thanks for the response..
    Also one thing i would like to ask here, you mentioned security is common for organisation / environment.
    Plz let me know if my below understanding is correct:
    There is a Dev Instance : e.g abcorg-dev1.pega/prweb/prServlet and i configure security policy for any one of the application which is hosted on the above dev URL. Then that would be applicable for all the applications which are hosted on the system instance?

    Thanks in advance..

      mahi
      Yes, you are correct. In that case, it will be applicable to all the applications that get created in the same environment.

        Thanks, we can close the discussion.

          Write a Reply...

          -An Initiative Of OneStopPega- Love our work? Support Us🖤