Skip to main content
Verify the version tags to ensure you are consuming the intended content or, complete the latest version.

Attachment categories

The role of attachment categories

Cases may require that users upload documents needed to process and resolve the case. For example, an auto insurance claim may require the submission of an accident report and a repair estimate before a claim can be approved. To organize attachments, developers can create attachment categories to differentiate different attachments added to a case.

Attachment categories incorporate a security component. This component allows a developer to manage access to attachments at the category level; for example, allowing one group of users to access an accident report, and a different set of users to access a repair estimate.

Note: Managing attachment categories is only one aspect of securing an application. For a complete list of security leading practices, consult the Security Checklist awareness module and the Security Checklist for Pega Platform deployment.

For each attachment category, you can identify the types of allowed content, such as a file, URL, or scanned document. The available file types are described in the following table.

Attachment type Description
File A document file, for example, a Microsoft Office file
Note A note field for you to enter text
Screenshot An image file, for example, a JPG or PNG file
Scanned document A PDF, JPG, PNG, or TIFF file
URL A URL link to a web page
Correspondence A correspondence rule

Attachment category access control

Attachment categories allow developers to manage access to the attached content. You apply a privilege or when condition to an attachment category to allow or deny attachment actions to users.

Use a privilege or when condition to control access to an attachment category. When you add the privilege, select the actions to allow if the user has the privilege. For each when condition, select the actions to allow if the condition is true.

Tip: You can use the standard when rule Never to create an always-false condition to deny an action to users. Similarly, you can use the standard when rule Always to create an always-true condition to allow an action.

Users can perform an action on attachments in the category if they have at least one of the required privileges, and all of the when conditions for the action are true.

In the following image, click the + icons to learn more about an example configuration for an attachment category rule.

Caution: If you use a privilege or When rule to control access to a category, deselecting an action is not sufficient to deny access to the action. In the previous example, the when rule IsCurrentStageSubmit is insufficient to prohibit users from deleting an attachment if the condition returns a value of false.

Attachment-level access control

You can secure individual files within an attachment category to restrict access to the attachment itself.

Configure attachment-level access control to allow users to determine who can access a specific attachment within the category. When users add an attachment to the category, they identify one or more work groups to which access to the attachment is allowed.

To enable attachment-level access control, select the Enable attachment-level security check box on the Security tab of the Attachment category record.

Check your knowledge with the following interaction.


This Topic is available in the following Module:

If you are having problems with your training, please review the Pega Academy Support FAQs.

Did you find this content helpful?

50% found this content useful

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Academy has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice