Attribute-based access control allows you to control access to an object (case, report, property) by adding attribute values to objects and configuring the access control policies. Lets learn more about How to Configuring Attribute Based Access Control in Pega 8.
The access control policies determine whether specific users can access the objects. You can use one attribute to allow different actions in different objects.
To configure attribute-based access control in your application
- Determine the attributes used for access control purposes.
- Define the access control policy condition that compares the object’s attribute values to the user’s.
- Finally, define the access control policy to specify the action that is controlled by the evaluation of the condition logic.
To configure the attribute-based access control in your application, start with defining the user and object attributes that you use.
You can define user attributes in various ways.
- For example, if you use an external directory, you can assign the attributes to users in the directory.
- You then map those attributes to the Pega application into the user’s operator record or a requestor level data page.
Access Control Policy Condition:
After you configure attributes that you are going to use, configure the Access Control Policy Condition rule form.
- In an Access control Policy Condition rule form, you define a set of filters.
- Add logic to the filters that combines the conditions, for the access control policy.
This means that the user can do one the actions defined in the access control policy if the conditions in the access control policy condition rule are met.
Note: In the policy, you can enter multiple sets of conditions with filter logic values. Each filter logic specification is associated with a when rule.
Access Control Policy:
After you configure the Access Control Policy Condition rule form, configure an Access Control Policy rule form.
In the policy form you choose from one the following actions that limit what the user is allowed to do when accessing an object:
Hope you learned about How to Configuring Attribute Based Access Control in Pega 8.