Pega Digital Experience API
Pega Digital Experience (DX) provides a consistent, branded experience across channels. Pega Digital Experience (DX) API is a set of model-driven REST API endpoints that enable the ability to view, create, and update cases and assignments programmatically. It allows developers to build a custom front-end experience for Pega Platform™ applications without encoding business logic into each channel.
Pega Platform provides REST APIs that you can use to populate your non-Pega Platform user interface. The response APIs include UI elements, layouts, actions, and styling that differentiates them from the traditional non-DX-API. DX APIs are best for web self-service use cases where it is important to align your user experience with your digital strategy.
The digital experience APIs are REST APIs that combine Pega Platform UI rules (harnesses and sections) with Pega Platform business rules to return JSON-equivalent structures that you can render with your native interface. For example, customers enter information about a vehicle when they make a purchase in a Vehicle application. The response API includes all the details of how the application captures this information, and it mimics the same on the rendering UI.
There are two versions of the DX API: Constellation DX API and Traditional DX API. Constellation DX API focuses on view-based authoring; Traditional DX API focuses on section-based authoring. It lets you manage data views to explore metadata and retrieve specific fields using data view endpoints.
As a lead system architect (LSA), ensure that your application is DX API compliant. The compliance ensures that developers build an appropriate front-end component in the UI system of choice and supports the principle of center-out architecture.
For more information about the Constellation and the Traditional DX APIs, see Pega Digital Experience (DX) API Overview.
Security settings for DX API
The endpoints for DX API require secure access. Authentication settings and access role privileges provide secure access.
Pega Platform includes the authentication settings for the Service Package. The following types of authentication are available for a service package:
- Basic
- OAuth 2.0
- Custom
To access endpoints more securely, use OAuth 2.0 as the authentication type.
For access role privileges, every endpoint has a map to a privilege. You can provide users with specific privileges to perform the actions associated with the corresponding endpoints.
The PegaRULES:PegaAPI access role includes the privileges. This role is available only to the Administrator and Author access groups by default. To grant a user access to the DX API, add the PegaRULES:PegaAPI access role to the access group of the user. You can provide additional privileges to enable field-level security while users perform specific actions.
Constellation DX API is the primary access method and includes more security settings than Traditional DX API.
Constellation DX API always uses OAuth 2.0 as the authentication type when Pega Platform uses Constellation as the base application. Otherwise, create an authentication service for the Constellation DX API by using a code flow with a Proof Key for Code Exchange (PKCE) enabled to avoid exposing the client secret in the browser. Unlike the Traditional APIs, there is no need to create privileges for the Constellation DX API.
For more information about security settings, see Security Settings for Traditional DX API and Security Settings for Constellation DX API.
Check your knowledge with the following interaction:
This Topic is available in the following Module:
Want to help us improve this content?