New features

Ticket ID Description

PASS-3465

Administrators can add, edit, and delete trusted certificate authority (CA) certificates directly in PingCentral instead of managing them in an external trust store. Certificates that exist in this trust store in previous versions are imported to the PingCentral database during the upgrade to PingCentral 1.8.

PASS-5313

When promoting SAML applications to PingFederate environments, application owners can upload their own signing certificates and select a signing certificate from a list of certificates available for the PingFederate environment.

Known issues

Ticket ID Description

PASS-2526

If PostgreSQL is set up without a database, PingCentral fails to start. To prevent this from happening, add the database to the server before starting PingCentral.

PASS-3543

If a certificate is added to a SAML application and a SAML metadata file is subsequently provided that contains a certificate, additional changes to the application cannot be saved. If this occurs, exit the edit page and then access it again.

PASS-3613

PingCentral promotes access token mappings and authentication policy contracts (APCs) with OIDC applications, but the APC mappings that link the APCs to the access token managers are not currently promoted with them. If the APC mappings do not already exist in the target PingFederate environments, applications do not function as expected.

When new APCs are promoted in PingCentral, an access token mapping referencing the APC is created, but a persistent grant mapping is not established, so the configurations are invalid.

To resolve these issues, configure the APC mappings within PingFederate.

PASS-3634

When application owners use SSO to access PingCentral, administrators cannot assign applications to them before they have accessed PingCentral for the first time.

However, after they sign on to PingCentral, administrators can access their account information and assign applications to them.

PASS-4633

When using templates to add Web + API applications to PingCentral, you can drag rules between Web and API policies, which might cause the page to go blank. If this occurs, refresh the browser window.

PASS-4893

When an environment is deleted, applications that were promoted to that environment retain the promotion details from the deleted environment. PingCentral does not remove this information from applications when an environment is no longer available.

PASS-4948

Customized authentication challenge responses, which support single-page applications, are also available in PingAccess 6.2 or later. Applications with this type of policy can be added to PingCentral, but cannot be promoted to another environment unless the authentication challenge policy, with the same UUID, also exists in the target environment.

PASS-4956

When using PingCentral, you might occasionally receive a reflective access warning message. You can safely ignore this message.

PASS-5001

When creating, updating, or validating an environment through the API, you receive a server error message if the environment Name or Password fields are null or missing. API requests cannot be processed without this information, so ensure that these fields contain valid values.

PASS-5002

When creating or validating an environment through the API, you receive a misleading error message if the PingAccess Password field is null. Rather than informing you that the information in this field is invalid, it informs you that you are unable to connect to the PingFederate admin console. Requests to connect PingAccess to a PingCentral environment cannot be processed without this information, so ensure that this field contains a valid value.

PASS-5009

If you attempt to add a SAML application to PingCentral from an existing application through the API, and the connection JSON contains identity attribute names and placeholders, you receive an error message advising you to nullify the Names field. However, even if you nullify this field, you still receive an error message because the JSON contains placeholders. Remove these placeholders before you proceed.

PASS-5630

When application owners add and update their applications, they can provide metadata exported from service provider (SP) connections, which might include entity IDs, ACS URLs, and certificates, but they cannot provide metadata exported from identity provider (IdP) connections.

PASS-5663

When promoting SAML applications, PingFederate does not allow you to use the same certificate as both an SP certificate and an assertion encryption certificate. Instead of preventing the promotion from continuing, you receive a message similar to the following:

Environment 'staging': PingFederate. This certificate either has the same ID or the same content as the certificate with index 0.

To continue the promotion, ensure that the SP certificate and the assertion encryption certificate are different.
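A pre-promotion check for the "same content" case described above, as an added example that is not part of PingCentral or PingFederate: it compares PEM certificates by the SHA-256 fingerprint of their decoded bytes, so two copies of one certificate match even when the PEM text is wrapped differently. The function names and the sample data are assumptions made for illustration, and the "same ID" case in the message is not covered.

```python
import base64
import hashlib
import re
import textwrap

PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.DOTALL
)

def cert_fingerprints(pem_text):
    """Return the SHA-256 fingerprint of every CERTIFICATE block in pem_text."""
    prints = []
    for body in PEM_BLOCK.findall(pem_text):
        # Strip line breaks and spaces so wrapping differences do not matter.
        der = base64.b64decode("".join(body.split()), validate=True)
        prints.append(hashlib.sha256(der).hexdigest())
    if not prints:
        raise ValueError("no CERTIFICATE block found")
    return prints

def shared_certificates(sp_pem, encryption_pem):
    """Fingerprints present in both inputs; a non-empty result means the
    SP certificate and the assertion encryption certificate share content."""
    common = set(cert_fingerprints(sp_pem)) & set(cert_fingerprints(encryption_pem))
    return sorted(common)

def _constructed_pem(payload, width):
    """Wrap constructed bytes as a PEM block (sample data, not a real certificate)."""
    b64 = base64.b64encode(payload).decode("ascii")
    body = "\n".join(textwrap.wrap(b64, width))
    return f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"

# Constructed stand-ins for two different certificates.
SAMPLE_A = b"constructed sample bytes standing in for certificate A" * 4
SAMPLE_B = b"constructed sample bytes standing in for certificate B" * 4

if __name__ == "__main__":
    sp = _constructed_pem(SAMPLE_A, 64)
    same_rewrapped = _constructed_pem(SAMPLE_A, 76)  # same bytes, other wrapping
    different = _constructed_pem(SAMPLE_B, 64)
    print("same content:", bool(shared_certificates(sp, same_rewrapped)))
    print("different content:", bool(shared_certificates(sp, different)))
```

To use it with real files, read the two PEM files as text and pass their contents to `shared_certificates`; an empty list means the two certificates differ in content.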

PASS-5667

If you delete several trusted CA certificates less than a minute apart, PingCentral correctly revokes trust for the first certificate, but does not revoke trust for the other certificates subsequently deleted.