Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Defining access permissions for the requestor type

Updated on May 11, 2022

Provide access to applications for any person or external system signing in through the requestor type.

Optionally, identify an access group — or in special situations, more than one access group — to be available to requestors of this type. As a user or other requestor signs on, the system adds the RuleSets and versions in the application rules of the selected access group to the user's RuleSet list.
FieldDescription
Define this requestor type using Select an Application-based Access Group.
Access Group NameOptional. Identify an access group that contains an application rule and one or more access roles. The RuleSets and versions identified in the application rule in this access group become visible (to rule resolution) for all requestors of this type.

Except as described below, enter only one row in this array, and select the radio button for that row.

For the BATCH instance, you can list additional access groups that are to be available to legacy agents, for the agents where the Agents field on the Security tab of the Agent Queue data instance is blank.

  • For example, list access groups for the Pega-ProCom agent here; the agent needs application-specific access to send correspondence and to find and enforce service-level agreements (SLAs).
  • If the Agents field on the Security tab of the Agent Queue data instance is not blank that access group is used, and the list in the BATCH requestor data instance is ignored.
For the BROWSER instance, you can list additional access groups that are to be available to all browser users — including unauthenticated users — through the application switching facility.
  • As a best practice to restrict access to authenticated users, list such access groups in an Organization data instance, rather than in the BROWSER requestor data instance.
  • It is required to distinguish unauthenticated access groups from authenticated access groups. Therefore, any access groups specified here must NOT match access groups specified for operators.
You may enter additional access groups in this array for requestor data instances other than the BATCH and BROWSER instance.
  • Standard rules ignore all rows except the single access group that is marked with a selected radio button.
  • This array is not a means to provide more than one access group to services or portlets.

Legacy fields

These fields appear for Requestor Type data instances with Lists of RuleSets and Roles. This approach is deprecated for new development.
FieldDescription
STARTING RULESETSRuleSet or RuleSet:Version. Order is significant.
STARTING ROLESAccess role. Order is not significant.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us