PingAuthorize 9.3.0.6 (August 2024)

Added support for a new signature algorithm

New

We added support for Elliptic Curve Digital Signature Algorithm (ECDSA)-encoded signatures for JWT tokens when using the Has Valid Signature For JWKS and Has Invalid Signature For JWKS attribute comparators. Learn more in Conditions.

Fixed a Policy Editor UI issue

Fixed PAZ-12736

We fixed an issue where, in some cases, when selecting a scenario in entity testing or in the Test Suite with a large number of scenarios already defined, the Policy Editor UI would repeatedly flicker.

Fixed a PingAuthorize Server performance issue

Fixed PAZ-13013

We fixed an issue where, when using PingAuthorize Server’s API security gateway in embedded PDP mode, policy decision logging could cause a memory leak and negatively impact the performance of long-running server instances.

Fixed an issue with PIP keystore service calls

Fixed PAZ-12014

We fixed an issue where, when making a service call with a policy information provider key store for MTLS configured and the Server (TLS) option set to None or Default, the service would incorrectly return a Client TLS certificate is required error.

Fixed an issue with HTTP service log messages

Fixed PAZ-12454

We fixed an issue where the status field of an HTTP service log message would include a status message, such as OK, rather than a status code.

Fixed an issue with HTTP service requests

Fixed PAZ-12145

We fixed an issue where, when making HTTP service calls, the policy decision point would incorrectly assign default values to the request body and content-type header.