Close popover

Table of Contents

Enforcing policies from the Security Policies landing page

Version:

To enforce security policies that are defined on the Security Policies landing page, configure your basic authentication service.

  1. Open the service from the navigation pane in Dev Studio by clicking Records SysAdmin Authentication Service and choosing a service from the instance list, and then click the Security policies tab.

  2. Click the Add item icon to specify a security policy.

  3. In the Policy type list, select the policy to enforce.

    • If you select Multi-factor authentication, you must map properties such as email address or phone number from the email or SMS receiver account by using the Mapping tab.
    • If you select User consent, the section pyPostAuthConsentScreen is displayed to the user after authentication. You can customize this section.
    • If you select CAPTCHA, the settings on the Security Policies landing page take effect as described below.
      • If you set the value of Enable presentation of CAPTCHA upon initial login to Enabled, the CAPTCHA is displayed for every login.
      • If you set the value of Enable presentation of CAPTCHA upon initial login to Disabled, the CAPTCHA is displayed according to the probability that you set in the Probability that CAPTCHA will be presented upon authentication failure (%) field.
  4. Click Save.

  • Authentication services

    To override or extend the default authentication process, create and configure an authentication service.

  • Authentication services and security policies

    To improve security in authentication services that support security policies, you select which policies to enable by using the Security policies tab of the authentication service. You define the details of each policy, such as the minimum password length and the duration of a one-time password, on the Security Policies landing page.

  • Configuring a basic authentication service

    After you create a basic authentication service, configure it so that Pega Platform uses the specified security policies for authenticating users. You can also configure optional features such as preauthentication and postauthentication activities.

  • Defining security policies

    To define security policies for user authentication and session management, use the Security Policies tab.

Suggest Edit

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.