Question

4
Replies
904
Views
Close popover
Bhagyashree Choudhary (BhagyashreeC9567)
Evoke Technologies

Evoke Technologies
IN
BhagyashreeC9567 Member since 2018 18 posts
Evoke Technologies
Posted: April 26, 2018
Last activity: April 30, 2018
Closed
Solved

Authorization Levels in Pega

Hi Guys,

I have a question around Access Control/Authorization in Pega.
Suppose I want to hide certain functionality in the application from a set of users. I can simply hide the link to that particular module/ functionality say a grid or tab or menu item using a condition such as pyAccessGroup should be XYZ (Visible When or Enable When).

Then why do we need to define authorization/security at even granular levels such as access roles and privileges.

Is this a way to make the security model more robust and at the class level also (assuming access roles incorporate various classes and associated privileges)?
If I only deny access based on the example I gave, i.e. hiding a grid or menu item from user based on a simple condition such as .pyAccessGroup=="Appl:Admin", can this security pose threats and is compromising in real time?

Please explain in detail.

Thanks!

Bhagyashree

Low-Code App Development Security
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.