PingFederate Server

PingFederate 11.1.4 (February 2023)

OAuth client management

Fixed PF-32790

When managing OAuth clients, we’ve resolved a defect where selecting the Require JWT Secured Authorization Response Mode text toggled the incorrect check box.

Potential security vulnerability

Fixed PF-32805

We’ve resolved a potential security vulnerability that is described in security advisory SECADV033.

Informing adapters of end policy result

Fixed PF-32890

When processing policy fragments, all adapters invoked in the fragment now correctly execute their respective post-processing step (if applicable) to inform the adapter of the end policy result.

Managing certificates within Metadata Export

Fixed PF-32965

Managing certificates within the Metadata Export flow no longer displays or saves an empty list of certificates, clearing out existing ones in the process. For more information, see Metadata export.

Cluster data replication

Fixed PF-32983

We’ve resolved a defect where cluster data replication could remove keys from engine node’s pf.jwk file instead of merging and retaining the keys.