PingFederate 11.1.1 (July 2022)

Fixed PF-29706 PingDirectory

Improved the security around password expiration when using PingDirectory as a user store.

Fixed PF-31485

Issuance criteria in authentication policy contracts no longer cause the logs to indicate invalid XML errors. This issue did not cause runtime errors.

Fixed PF-31735

Resolved an issue that sometimes occurred when IPV6 addresses were specified in the HTTP Header for Client IP Addresses field on the Incoming Proxy Settings window.

Fixed PF-31753

PingFederate error descriptions no longer disclose details of java classes.

Fixed PF-31795

When PingFederate is using a custom MasterKeyEncryptor that relies on an SSL call to an external service, cluster replication no longer causes cascading failures because PingFederate is unable to open Java key store files.

Fixed PF-31851

When updating the client secret with the OAuth client management service, PingFederate now correctly creates the secondary secrets.

Fixed PF-31942

Now when PingFederate receives an OAuth authorization request with response_mode=pi.flow, password change and account recovery flows using an authentication policy work correctly.

Info

Improved the administrative API to manage the System for Cross-domain Identity Management (SCIM) inbound provisioning settings in identity provider (IdP) connections.

Info

Enhanced PingFederate message customization by adding the following FedHub-specific context variables:

Info

Revised the Cluster Management window to make it more obvious when changes to the configuration on the administrative node have not been replicated to the engine nodes.