PingFederate 12.2.1 (February 2025)

New PF-36970

We’ve added a feature that gives you the option to include a duplicate RSA key with the RS256 algorithm. You can enable this option by setting the add-duplicate-rs256-alg-key parameter in the <pingfed-install>/pingfederate/server/default/data/config-store/jwks-endpoint-configuration.xml file to true.

Info PF-36972

We’ve confirmed that PingFederate is compatible with Red Hat Enterprise Linux ES 8.10.

Fixed PF-36845

We’ve fixed a defect that caused a 500 error when creating or updating an access token manager using the Administrative API.

Fixed PF-36851

We’ve fixed a defect that caused PingFederate to return a revoked or expired consent error when both Bypass Authorization Approval and Bypass Authorization Approval for Previously Approved Consents are enabled.

Fixed PF-36864

We’ve fixed a defect that caused PingFederate to behave inconsistently when This is My Device is selected and an HTML Form Adapter instance has more than one session configuration in the session overrides.

Fixed PF-36865

We’ve fixed a defect where PingFederate could not accept a TLS 1.2 connection in BCFIPS mode on Java 17.

Fixed PF-36874

We’ve fixed a defect that caused PingFederate to lose user group membership information when it lost contact with the datastore during provisioning operations.

Fixed PF-37012

We’ve fixed a defect that caused the HTML Form Adapter Change Password using an authentication policy to fail when PingOne Protect is the risk provider.

Fixed PF-37021

We’ve fixed a defect that caused OGNL expressions to fail to load when they contained SDK classes.