Because of the sensitive nature of these inquiries, we recommend that you collaborate with your Pega account team assigned to your company. Pega account team can submit an internal request to Pega’s client inquiry team, which specializes in providing assistance with security and compliance-related issues. Please note that, according to our internal policy, these requests must be documented and audited through our client inquiry process.
@Jon Gupta Currently, Pega Process Mining does not offer exhaustive public documentation specifically detailing REST API configuration for on-prem data access or the secure file exchange process with encryption. However, for REST API configuration, you typically set up a connector in the Process Mining UI, define the endpoint URL, and configure OAuth2 or Basic Authentication under security settings. You must ensure network access between the cloud and on-prem server via VPN or secure tunnel. For file exchange, encrypted files (AES or PGP encryption recommended) are usually pushed to a dedicated SFTP or cloud bucket linked to the Pega Process Mining workspace. Decryption is managed using asymmetric key pairs, where the private key remains securely configured in the Process Mining environment, and public keys are used by the sender. Key rotation and management should be handled through your enterprise key vault (e.g., Azure Key Vault or AWS KMS).