---
title: PingAccess agent for NGINX 2.2 (December 2024)
description: Info
component: pingaccess
version: 8.3
page_id: pingaccess:agents_and_integrations:pa_nginx_22
canonical_url: https://docs.pingidentity.com/pingaccess/8.3/agents_and_integrations/pa_nginx_22.html
revdate: December 13, 2024
section_ids:
  agent-sdk-for-c-compatibility: Agent SDK for C compatibility
  rhel-7-deprecation: RHEL 7 deprecation
  cache-multiple-token-types-for-web-api-applications: Cache multiple token-types for Web + API applications
  block-bad-characters-in-nginx-agent-deployments: Block bad characters in NGINX agent deployments
---

# PingAccess agent for NGINX 2.2 (December 2024)

## Agent SDK for C compatibility

Info

Compatible with the Agent SDK for C version 1.4.1.

## RHEL 7 deprecation

Info

Support for RHEL 7 will be deprecated in version 1.5.

## Cache multiple token-types for **Web + API** applications

New PA-15516

If you use a **Web + API** application, the `vnd-pi-resource-cache` PingAccess agent protocol (PAAP) header now contains an additional path so **Web + API** applications can cache both cookie and authorization header token-types. Learn more in the **Cache multiple token-types for Web + API applications** entry in the PingAccess 8.1 release notes, and the `agent.cache.defaultTokenType` property on the NGINX agent configuration page.

|   |                                                                                                                                                                                                                                                                                                                         |
| - | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|   | Existing agent environments ignore the new `vnd-pi-token-cache-oauth-ttl` header and additional paths in the `vnd-pi-resource-cache` header.To see the performance boost, upgrade to PingAccess 8.1 or later and upgrade to the latest version of the NGINX agent. Otherwise, continue to use an earlier agent version. |

## Block bad characters in NGINX agent deployments

New PAA-251

Configure the PingAccess agent for NGINX to block requests that contain bad characters in the URI, query parameters, form parameters, or request body without reaching out to PingAccess for a decision.

Added eight new properties to the agent:

1. `agent.request.block.xss.characters`

2. `agent.request.block.uri.characters`

3. `agent.request.block.query.characters`

4. `agent.request.block.form.characters`

5. `agent.request.block.xss.http.status`

6. `agent.request.block.uri.http.status`

7. `agent.request.block.query.http.status`

8. `agent.request.block.form.http.status`

Learn more in the [NGINX agent configuration](pa_nginx_agent_config.html) page.

|   |                                                                                                                                 |
| - | ------------------------------------------------------------------------------------------------------------------------------- |
|   | For large scale or more complex blocking decisions, it's best practice for the agent to reach out to PingAccess for a decision. |