PingOne MFA Integration Kit 2.3 (January 2, 2024)

Improved

Improved STAGING-19855

Previously, the values provided in the pi.template object for notification customization were used only in authentication flows. Now, customization (including dynamic variables) is applied also to pairing flows, one-time device flows, and change device flows.

New

When authenticating, users who are authorized to manage their devices can now edit the nicknames used for their various authentication devices. This capability is also supported in the PingFederate authentication API (action is called updateDeviceNickname).

Fixed STAGING-18848

Previously, if you defined a custom proxy for an adapter, the host specified with Custom proxy host was not used for OAuth tokens (the token endpoint). These requests used the system default proxy instead, causing the request to fail. This issue has been fixed.

Improved STAGING-19417

In the PingOne Audit log, events triggered by the MFA adapter now include IDs that can be used to locate events in the PingFederate log. The trackingid field from PingFederate is represented in the PingOne Audit log as sessionId. If you are using version 11.3 or higher of PingFederate, then the transactionid field from PingFederate is also included in the PingOne Audit entry, appearing there as transactionId.

New STAGING-19722

By default, when pairing an email or SMS device, users can enter the email address or phone number. However, the adapter configuration now includes an option called Allow only predefined values for phone or email devices. This option allows you to limit the values to the email addresses and phone numbers stored for the user. If you enable this option, the relevant email address or phone number is already filled in when the user tries to add a device, and the user cannot modify the address/phone number.