Skip to main content

Table of Contents

Attribute-Based Access Control (ABAC)

The Pega Platform offers rules that configure data access control based the values of attributes contained in a transaction. The Attribute-Based Access Control (ABAC) security feature can be used to mask sensitive data such as Tax ID, security question and answers so that only authorized operators can view.

You can restrict the ability of a user to view, modify, and delete instances of classes, or properties within classes. Use attribute-based access control (ABAC) to enforce row-level and column-level security in your application.

Access restrictions are enforced by defining access control policies. Conditions used in access control policies compare attributes in class instances to other information (typically, information about user’s identity, organizational reporting relationships, or other security credentials that might be case-specific).

Two rule types (Access Control Policy and Access Control Policy Condition) are used to define policies for different types of actions (Read, Update, Delete, Discover, PropertyRead, PropertyEncrypt). The rule types compare property values in class instances to clipboard property values.

See Attribute-based access control in the online help for more information.

Suggest Edit
Did you find this content helpful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us