PingFederate Server

PingFederate 11.2.1 (February 2023)

Enhancements and resolved issues in PingFederate 11.2.1.

OAuth client management

Fixed PF-32790

When managing OAuth clients, we’ve resolved a defect where selecting the Require JWT Secured Authorization Response Mode text toggled the incorrect check box.

Potential security vulnerability

Fixed PF-32805

We’ve resolved a potential security vulnerability that is described in security advisory SECADV033.

Informing adapters of end policy result

Fixed PF-32890

When processing policy fragments, all adapters invoked in the fragment now correctly execute their respective post-processing step (if applicable) to inform the adapter of the end policy result.

Managing certificates within Metadata Export

Fixed PF-32965

Managing certificates within the Metadata Export flow no longer displays or saves an empty list of certificates, clearing out existing ones in the process. For more information, see Metadata export.

Cluster data replication

Fixed PF-32983

We’ve resolved a defect where cluster data replication could remove keys from engine node’s pf.jwk file instead of merging and retaining the keys.

Other improvements

New

  • We also updated the following bundled components and third-party dependencies:

    • PingID Integration Kit 2.23

    • PingID Adapter 2.13.2

    • PingID PCV (with integrated RADIUS server) 3.0.2

      This version of the PingID PCV has known issues that you should review before upgrading. For more information, see Known issues in PingID RADIUS PCV 3.0.2.