PingCentral 2.1 (June 2024)

New PASS-6911

Application owners now have more control over which client secrets are used when promoting OAuth and OIDC applications from PingCentral to PingFederate. If the application is configured to use a client secret for authentication, and the environment to which the application is being promoted requires that a random secret be used, users can choose to either generate a new client secret or retain the existing client secret. See Promoting OAuth and OIDC applications for details.

New PASS-6915

Mutual TLS (mTLS) can now be used for admin API authentication from PingCentral to PingFederate. To set up this connection, access the new Client TLS Key Pair page, import the key pair that you want to use for authentication, and configure the environment to use the client certificate you specify. The TLS Key Pair page has also been renamed to Server TLS Key Pair to clearly differentiate between them. See Configuring Mutual TLS for details.

New PASS-6918

Rocky Linux version 9.3 and later is now a supported enterprise operating system.

New PASS-6967

The email parameter has been added to all PingCentral user accounts, which will let you extract users’ email addresses and notify them about important events, such as upgrades, and maintenance windows. The Email Address field now displays on the Add and Edit User pages, an email property has been added to the API, and for SSO configurations, PingCentral will derive the user’s email from the email claim defined by the email scope.

Improved PASS-6904 and PASS-6910

If you have many different applications in many different environments, or if you have many groups using SSO to access PingCentral, you will notice that PingCentral’s performance has been greatly improved with this release. Now, when you filter your applications, you will only see managed applications (created from or promoted to PingCentral environments) by default, which improves page loading speeds. The application owner search functionality has also been improved, which makes it faster and easier to configure owners for applications.

Improved PASS-6913

Previously, when application owners used SSO to sign on to PingCentral and group memberships were also supplied, application owners could select any group as an owner of their application, which gave all group members the ability to manage it. Now, application owners can only select a group as an owner if the application owner is a member of the group.

Improved PASS-6917

When promoting SAML applications, the names of the signing certificates available now include the valid date range, which makes it easier to discern between certificates.

Fixed PASS-2114

Previously, all application owners were listed on the application Summary tab, regardless of the number of owners. If an application had a large number of owners, the list would be long and difficult to read. Now, if the list is large, Show More and Show Less buttons are available to help you navigate the list.

Fixed PASS-6941

Previously, when importing metadata for a SAML application, the Change Template button would disappear. This issue has been fixed, and the Change Template button continually displays as expected.

Fixed PASS-6966

Previously, under certain circumstances, server errors were encountered when JSON-based promotions occurred. This issue has been resolved.

Fixed PASS-6970

Previously, when configuring an environment and uploading a signing certificate, if an existing keystore file (*.p12) was selected, the matching password provided could be too long for PingCentral to accept. This password limit has been increased.

Fixed PASS-6985

Previously, if an application was configured with an assertion encryption certificate, the certificate would disappear from the Promote to Environment modal when the application was being promoted, and users had to upload the certificate again. This issue has been resolved.