Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Tomoko Hamasaki (hamat) Senior Solutions Consultant
Pegasystems Inc.
JP
hamat Member since 2020 4 posts
Posted: May 14, 2021
Last activity: May 28, 2021
Posted: 14 May 2021 9:28 EDT
Last activity: 28 May 2021 2:07 EDT
Closed

Pega's mandatory http/https method

Hi All,

My customer wants to restrict the methods (GET, PUT, POST, etc.) that can be used for HTTP / HTTPS communication for their security reason.

Does anyone know about the mandatory http/https methods that be used in order to use the OOTB functions of Pega (development in AppStudio / DevStudio, operation from Portal)? Thank you.

To see attachments, please log in.
Pega Platform
Security
Solutions Consultant

Posted: 3 years ago
Posted: 28 May 2021 2:05 EDT
Tomoko Hamasaki (hamat) Senior Solutions Consultant
Pegasystems Inc.
JP

Hi @TashikaS,

 

Thank you for your reply!!

I found the following official document at the link you shared.

 

Implementing security guidelines for test environments

https://community.pega.com/sites/default/files/help_v85/procomhelpmain.htm#security/best-practices/sec-security-guidelines-for-test-env-ref.htm

  • Disable HTTP methods that your application does not use, including HEAD, TRACE, and TRACK. By default, Pega Platform uses POST and GET.

 

Thank you so much for your help!!

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice