--- title: Deprecated description: The functionality listed here is deprecated, and likely to be removed in a future release. component: pingam version: release-notes page_id: pingam::deprecation canonical_url: https://docs.pingidentity.com/pingam/release-notes/deprecation.html section_ids: deprecated_since_pingam_8_1: Deprecated since PingAM 8.1 saml_v2_0_jsps: SAML v2.0 JSPs authentication_by_module_instance_policy_condition_type: Authentication by Module Instance policy condition type node-versioning-endpoints: Node versioning REST endpoints deprecated_since_pingam_8_0: Deprecated since PingAM 8.0 prometheus-monitoring-endpoint-deprecated: Monitoring deprecated-audit-event-handlers: Audit event handlers deprecated_since_am_7_5: Deprecated since AM 7.5 secret_label_mappings: Secret label mappings configuration_replaced_by_secret_labels: Configuration replaced by secret labels changes_to_action_class: Changes to Action class legacy_social_provider_node: Legacy Social Provider node deprecated_since_am_7_4: Deprecated since AM 7.4 --- # Deprecated The functionality listed here is deprecated, and likely to be removed in a future release. ## Deprecated since PingAM 8.1 ### SAML v2.0 JSPs The JSPs provided for SAML v2.0 standalone mode are deprecated. Use the URL entry points described in [removed functionality](removed.html#removed-saml-jsps) instead. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------- | | | You can still invoke the JSPs because they're mapped to URLs for backward compatibility, but any customizations to these JSPs will be lost. | ### Authentication by Module Instance policy condition type The Authentication by Module Instance environment condition type is deprecated and will be removed in a future release. For existing policies, this condition type evaluates to `false`. You should remove this condition type from all policies as soon as convenient. ### Node versioning REST endpoints Resource versions 1.0 and 2.0 are deprecated for the `realm-config/authentication/authenticationtrees` endpoint. Use resource version 3.0 instead. Versionless node endpoints are also deprecated. Make sure you always specify the node version in the request URL. Learn more about these changes in [Node versioning](whats-new-8.1.html#node-versioning). ## Deprecated since PingAM 8.0 ### Monitoring * Interface endpoint for monitoring server activity with Prometheus The `/json/metrics/prometheus` endpoint is deprecated in this release. To monitor server activity with Prometheus, use one of the new endpoints instead: * `/metrics/prometheus` * `/metrics/prometheus/0.0.4` Although the `/metrics/prometheus` endpoint is new, it is also *deprecated* in this release and support for its use will be removed in a future release. Move to the `/metrics/prometheus/0.0.4` endpoint as soon as convenient. Learn more in [Monitor with Prometheus](https://docs.pingidentity.com/pingam/8/maintenance-guide/monitoring-prometheus.html). * MBean and JMX interfaces Support for the legacy MBean and the JMX monitoring interfaces is deprecated in this release. AM supports other options for monitoring servers, including Graphite. Learn more in [Monitor AM instances](https://docs.pingidentity.com/pingam/8/maintenance-guide/monitoring-am.html). ### Audit event handlers The following audit event handlers are deprecated and will be removed in a future release: * CSV * Syslog * JDBC * JMS Use the [JSON audit event handler](https://docs.pingidentity.com/pingam/8/security-guide/implementing-audit.html#configuring-json-audit-event-handlers) instead. ## Deprecated since AM 7.5 ### Secret label mappings The following secret label mappings are deprecated in this release: * `am.global.services.session.clientbased.encryption` * `am.global.services.session.clientbased.signing` Learn more about changes to secret label mappings in [Support for storing secrets in secret stores](whats-new-7.5.html#new-secrets-api-support). ### Configuration replaced by secret labels | Feature | Deprecated field | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------- | | [CAPTCHA node](https://docs.pingidentity.com/auth-node-ref/8.1/captcha.html) | `CAPTCHA Secret Key` | | [Core authentication settings](https://docs.pingidentity.com/pingam/7.5/authentication-guide/authn-core-settings.html) | `Persistent Cookie Encryption Certificate Alias``Organization Authentication Signing Secret` | | Encrypted device storage services:- [Device Binding service](https://docs.pingidentity.com/pingam/7.5/reference/global-services-configuration.html#global-devicebindingservice) - [Device ID service](https://docs.pingidentity.com/pingam/7.5/reference/global-services-configuration.html#global-deviceidservice) - [Device Profiles service](https://docs.pingidentity.com/pingam/7.5/reference/global-services-configuration.html#global-deviceprofilesservice) - [OATH service](https://docs.pingidentity.com/pingam/7.5/reference/global-services-configuration.html#global-authenticatoroathservice) - [Push service](https://docs.pingidentity.com/pingam/7.5/reference/global-services-configuration.html#global-authenticatorpushservice) - [WebAuthn service](https://docs.pingidentity.com/pingam/7.5/reference/global-services-configuration.html#global-authenticatorwebauthnservice) | `Key Store Password``Key-Pair Alias``Private Key Password` | | [OTP SMS Sender node](https://docs.pingidentity.com/auth-node-ref/8.1/otp-sms-sender.html) and [OTP Email Sender node](https://docs.pingidentity.com/auth-node-ref/8.1/otp-email-sender.html) | `Mail Server Authentication Password` | | [Password replay](https://docs.pingidentity.com/pinggateway/2026/gateway-guide/sso-cdsso.html#credentials-am) | `Replay Password Key` (`com.sun.identity.agents.config.replaypasswd.key`) | | [Persistent Cookie Decision node](https://docs.pingidentity.com/auth-node-ref/8.1/persistent-cookie-decision.html) and [Set Persistent Cookie node](https://docs.pingidentity.com/auth-node-ref/8.1/set-persistent-cookie.html) | `HMAC Signing Key` | | [PUSH notification service](https://docs.pingidentity.com/pingam/7.5/reference/global-services-configuration.html#global-pushnotification) | `SNS Access Key Secret` | | [SAML v2.0 remote SP and IDP configuration](https://docs.pingidentity.com/pingam/7.5/saml2-guide/saml2-reference.html#saml2-remote-idp-configuration) | `Basic Authentication` settings | | [Session service](https://docs.pingidentity.com/pingam/7.5/reference/global-services-configuration.html#global-session-client-based-sessions) | `Encryption Symmetric AES Key``Signing HMAC Shared Secret` | | [Social Provider service](https://docs.pingidentity.com/pingam/7.5/authentication-guide/social-idp-client-reference.html) | `Client Secret` | ### Changes to `Action` class The following `org.forgerock.openam.auth.node.api.Action` methods are deprecated in this release: * `public ActionBuilder withUniversalId(String universalId)` * `public ActionBuilder withUniversalId(Optional universalId)` Use the new `public ActionBuilder withIdentifiedIdentity(String username, IdType identityType)` and `public ActionBuilder withIdentifiedIdentity(AMIdentity identity)` methods instead. The `Optional universalId` field is also deprecated, and is replaced by `Optional identifiedIdentity`. ### Legacy Social Provider node The [Legacy Social Provider Handler node](https://docs.pingidentity.com/auth-node-ref/8.1/legacy-social-provider-handler.html) has been marked as deprecated and will be removed in a future release. This node is replaced by a new [Social Provider Handler node](https://docs.pingidentity.com/auth-node-ref/8.1/social-provider-handler.html) that resolves issues related to reentry cookies. The legacy node remains supported in existing journeys. If you're creating new journeys, use the new Social Provider Handler node instead. ## Deprecated since AM 7.4 No features or functionality were deprecated in this release.