Support Article

SSO: PR_INDEX_OPERATORS adding more records with each login



When logging into any Pega environment, with more than one access group connected to your name, the corresponding database table - pr_index_operators - has an entirely new set of access groups appended to it.

Most of these might be duplicates, and the old access groups are not removed. This continues every time you log on.

Error Messages

Not Applicable

Steps to Reproduce

  1. Run the SQL statement - select pylabel, pyaccessgroupadditional from pega_data.pr_index_operators
  2. where pylabel = '<userid>' .
  3. Log into the application via SSO.
  4. Re-run query and you have additional records in the table - pr_index_operators.

Root Cause

The SSO login activity was clearing the pyAccessGroupsAdditional value list property with a Property-Remove step then in a Java step appending values based on business logic. This property is associated to a Rule-Declare-Index that populates the PR_INDEX_OPERATORS data table. After the login activity ran the indexing was not being done properly, was not reindex properly so additional records were being added to the table.


When modifying the pyAccessGroupsAdditional value list property during a login activity add a Property-Set step using the Data-Admin-Operator-ID page being setup for the user setting ".pzReindex" with a value of true. This will force proper reindexing of the pyAccessGroupsAdditional value list when the engine level saves the operator record after the login activity has finished running.

Published April 19, 2017 - Updated April 22, 2017

100% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.