For the system of record, security attributes can be stored and maintained internally or externally to the Pega 7 Platform. You can access the operator security attributes that are used in policy conditions in several ways.
Custom authentication allows the policy conditions to access the attributes. Depending on their requirements, users can choose to use the custom authentication activity or the Mapping tab on the Authentication Service form, or they can use both options. For example, mapping can be used to copy data stored in an LDAP directory directly in properties the Data-Admin-Operator-ID class. If mapping is more complex, then an activity can be used to retrieve the attributes from the external location and copy them to a location within the application created in the Pega 7 Platform (for example, a requestor-scoped data page).