--- title: PingID Integration Kit 2.28 (February 27, 2025) description: New features and improvements in PingID Integration Kit 2.28 for PingFederate. component: pingid page_id: pingid:release_notes:pid_i_2_28_rn canonical_url: http://docs.pingidentity.com/pingid/release_notes/pid_i_2_28_rn.html revdate: February 27, 2025 section_ids: pingid-adapter-authentication-from-two-different-tenants: PingID Adapter authentication from two different tenants pingid-adapter-support-for-microsoft-eam-integration: PingID Adapter support for Microsoft EAM integration blast-radius-security-enhancement: Blast-RADIUS security enhancement direct-otp-validation-enhancements: Direct OTP Validation enhancements pingid-service-id-field-removed: PingID Service ID field removed otp-fallback-inadvertently-triggered: OTP fallback inadvertently triggered --- # PingID Integration Kit 2.28 (February 27, 2025) New features and improvements in PingID Integration Kit 2.28 for PingFederate. The PingID Integration Kit 2.28 for PingFederate is released with the following components: | PingID Integration Kit component | Version | Status | | -------------------------------- | ------- | --------- | | **PingID Adapter** | 2.16 | New | | **PingID RADIUS PCV** | 3.1.0 | New | | **PingID SaaS Connector** | 1.1.1 | Unchanged | ## PingID Adapter authentication from two different tenants New PingID Integration kit for PingFederate It is now possible to authenticate from two separate instances of the PingID Adapter, where each instance points to a different tenant. This allows users to authenticate to more than one organization. ## PingID Adapter support for Microsoft EAM integration Fixed STAGING-25038 PingID Integration kit for PingFederate We've added the `eamAmr` attribute to the list of PingID authentication attributes. This allows you to map the attribute and use it to evaluate PingFederate policies upon successful authentication with PingID. Additionally, it facilitates integration with Microsoft Entra ID's External Authentication Methods (EAM). Learn more in [PingID authentication attributes](../pingid_integrations/pid_authentication_attributes.html). ## Blast-RADIUS security enhancement Improved PingID Integration kit for PingFederate We've made some enhancements to the RADIUS PCV client security configuration to mitigate the risk of a Blast-RADIUS attack. Learn more in the [PingID RADIUS PCV parameters reference guide](../pingid_integrations/pid_radius_pcv_parameters.html). ## Direct OTP Validation enhancements Improved PingID Integration kit for PingFederate We've expanded the capabilities of the Direct OTP validation field. It is now possible to perform OTP (one-time passcode) validation for RADIUS clients that do not support access-challenge, or lack a Delegate PCV configuration, as well as for clients opting to use LDAP as an Attribute Source within the Delegate PCV setup. Learn more in the [PingID RADIUS PCV parameters reference guide](../pingid_integrations/pid_radius_pcv_parameters.html). ## PingID `Service ID` field removed Info PingID Integration kit for PingFederate The PingID Service ID field is deprecated and is removed from PingFederate. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | In RADIUS 3.0.4 or earlier, where the PingID `Service ID` field still exists, if the field is populated, an error message informs administrators that the field value should be updated to `VPN`. | ## OTP fallback inadvertently triggered Fixed STAGING-19409 PingID Integration kit for PingFederate We've fixed an issue that was preventing OTPs from being received during a push service outage, and inadvertently causing RADIUS PCV to trigger OTP fallback.