Skip to main content

Reviewing access control policies

Pega Community logo

Note: The following content, referenced from Pega Community, is included here to help you better achieve the module learning objectives.

In your application, you can view access control policies that are based on a specific action a user can perform. By viewing these policies, you can determine whether any new policy needs to be added, changed, or deleted in your application.

Before you begin:
  • To view the Policy Management landing page, you must have the pzCanManageSecurityPolicies privilege, which is included in the PegaRULES:SecurityAdministrator role.
  1. In the Dev Studio, click Configure Org & Security Authorization Policy-Based Access Policy Management .

  2. In the Application list, select the application for which you want to view the access control policy.

  3. In the Target class field, press the Down Arrow key, and then select the class to which the policy applies.

  4. In the Action list, select the type of policy to view.

    1. If you select PropertyRead in the Action field, enter the property name to view in the Property field.

  5. Click Search policies.

  6. Review the results, and then update the policy as needed.

    If any results are found:

    1. Hover over the Policy condition column to display the conditions that are applied in the policy.

    2. If you selected a PropertyRead action, click the value in the Policy scope column to display the properties that the policy secures and which restriction method the policy applies to those properties.

    3. In the Actions column, choose one of the following actions for each policy.

      • Open the policy rule form.

      • Create a policy in the target class that you specified in the search.

      • Withdraw the policy.

    If no results are found, you can create a new policy by clicking Create policy.

  7. If you make any changes to the policies (for example, the policy name or action), click Search policies again to refresh the result.

  • Attribute-based access control

    You can restrict the ability of a user to view, modify, and delete instances of classes, or properties within classes. Use attribute-based access control (ABAC) to enforce row-level and column-level security in your application. Restrict access to cases and properties by using attribute-based access control (ABAC)

  • Verifying access control policies

    You can verify access control policies by testing them to see whether they grant or deny access to a specific case for a specific user. By verifying an access control policy, you can see whether a user has required access to a case, and decide whether any changes need to be made to a policy.

If you are having problems with your training, please review the Pega Academy Support FAQs.

Did you find this content helpful?

100% found this content useful

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Academy has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice