Deprecated

The legacy audit logging service is deprecated. Support for its use will be removed in a future AM release. Use the Common REST-based audit logging service instead.

The org.forgerock.openidconnect.Claim class has been deprecated. Support for its use will be removed in a future AM release. Its functionality is replaced by the org.forgerock.oauth.clients.oidc.Claim class, in the OpenAM commons library.

Find more information about the new class in Changes to the OIDC claim classes.

The user_id field, which is part of the JSON response returned by the /oauth2/introspect endpoint, is deprecated, and will be removed in a future release. It is replaced by the username field, in compliance with RFC 7662.

The CAPTCHA node has been rewritten. The previous version of the node has been deprecated, and is now shown as Legacy CAPTCHA in the UI. Find information on the new node in CAPTCHA node.

The AM API now includes new interfaces, each with a single responsibility. When building plugins, use these interfaces from the org.forgerock.oauth2.core.plugins package instead:

Find examples in Customize OAuth 2.0 with plugins.

The ssoadm command and the configurator.jar, upgrade.jar, and ampassword tools remain deprecated. They will be removed in a future release of AM.

The Access Token Enricher plugin interface is deprecated and will be removed in a future release of AM. The functionality of the access token enricher is superseded by the new AccessTokenModifier extension point.

The JAXRPC endpoint URL, used by the remote IDM/SMS APIs, is deprecated and will be removed in a future AM release.

The following method is deprecated and will be removed in a future AM release: preSendFailureResponse(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,java.lang.String,java.lang.String)

If you have a custom implementation of the SAML2IdentityProviderAdapter interface, you should now plan to replace the deprecated method with the new implementation: preSendFailureResponse(java.lang.String,java.lang.String,javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,java.lang.String,java.lang.String).

AM 7.1 supports both file-based audit handlers and logging to standard output, which Elasticsearch and Splunk can consume.

Learn more in Implement the audit logging service.

Using the isAlive.jsp to determine if an instance is alive is deprecated.

AM 7.1 includes new endpoints to determine if an instance is alive, and ready to process requests.

Learn more in Monitor AM instances.

The existing signature for the getIDPAuthnContextInfo method of the IDPAuthnContextMapper interface is deprecated.

AM 7.1 includes a new signature for the getIDPAuthnContextInfo method, which includes an additional parameter for the entity ID of the service provider (SP).

The following authentication nodes have been deprecated in favor of the Social Provider Handler node:

As part of this change, the Social Authentication Implementations Service is also deprecated. Find information about using the Social provider node in social registration.

Direct access to authentication trees' transient, secure, and shared states using the TreeContext class has been deprecated.

Learn more in Store values in a tree’s node states and Access shared state data.

This service is deprecated and will be removed in a future release. Installing instances of this service in AM 7.0.1 is not supported. However, upgrading existing instances is.

You can use the embedded DS instance for evaluation and demonstration purposes only.

The embedded DS server will be removed in a future release. If you are still using the embedded DS server, change to an external DS server instead.

You should migrate your environments to Intelligent Access using authentication trees and nodes.

Support for the following authentication methods in the authentication context table, when configuring a hosted identity provider, is deprecated:

The other authentication methods are not deprecated, and can be used to achieve the same results as the deprecated options.

Find information about configuring SAML v2.0 authentication context mappings in authentication context.