PingOne

November 2023

November 28

RADIUS Gateway Docker images are now hosted on Docker Hub

New PingOne

The PingOne RADIUS Gateway Docker images have moved to the Docker Hub. If you are running the PingOne RADIUS Gateway as a Docker container, ensure that you update your Docker commands, replacing the old image location with the new location at:

pingidentity/pingone-radius-gateway:<supported_version>

For example, the Docker run command for the latest version is:

docker run ... pingidentity/pingone-radius-gateway:1.1.0

If you have implemented any automated solutions, you should also update them to the new Docker Hub location.

November 17

Updated LDAP Gateway client application

Improved PingOne

We’ve released LDAP Gateway client application version 3.0.1. This version improves security and performance, and requires Java 17.0.8 (or later) or Java 21 LTS (or later). Java 8 and Java 11 are no longer supported. For more information, see LDAP gateways.

November 16

RADIUS Gateway connector enhancements

Improved PingOne

We’ve added the PingID Policy evaluation capability to the RADIUS Gateway connector. For information, see RADIUS Gateway connector.

PingID connector enhancements

Improved PingOne

We’ve added the PingID Policy evaluation capability to the PingID connector. For information see PingID connector.

November 15

New sidebar navigation experience

Improved PingOne

We’ve incorporated extensive feedback from customers, partners, and user testing sessions into a new and improved PingOne sidebar navigation experience. The new structure makes it easier to discover new capabilities and manage your everyday configuration tasks. The documentation has been organized to reflect the new experience.

While we think the new sidebar will be more intuitive and easier to use, we’ve created a PingOne sidebar navigation crosswalk to help you get oriented quickly.

Unified login enhancements

Improved PingOne

In an effort to simplify the login experience, we’ve removed region selection when signing on to PingOne and consolidated environments associated with an administrator’s email address across all regions. Any environment with an expired license will also be flagged. See Accessing the PingOne admin console.

November 14

Risk predictors - single-instance predictors

Info PingOne Protect

The following types of risk predictors can now have only one instance per environment:

  • IP velocity

  • User velocity

  • Bot detection

  • Suspicious device

  • User risk behavior (organization-wide)

  • User-based risk behavior (individual user)

The remaining predictor types can still have up to fifteen instances per environment.

November 3

Improved polling mechanism for Workday inbound provisioning

Improved PingOne

For inbound provisioning using the Workday provisioning connector, the polling interval has been reduced from 4 hours to 15 minutes. For more information, see Inbound and outbound provisioning.

Support for OAuth 2.0 Client Credentials grants in service connections

New PingOne Authorize

Now you can use OAuth 2.0 Client Credentials grants to authenticate HTTP service connections. This grant type allows the decision service to obtain and manage access tokens for service connections, eliminating the need for static tokens stored in attributes. As part of this update, the OAuth authentication type has been renamed Bearer Token. For more information, see Connecting an HTTP service.

Test statement processing in authorization policies

New PingOne Authorize

To improve policy testing, we’ve added the capability to test statement processing. Using built-in statements processed by the API Access Management HTTP Access Policy Service, you can simulate API requests and responses and examine the resulting statement transformations. For more information, see Testing statement processing.

New built-in user profile attributes

New PingOne Authorize

To improve your policy authoring experience, we’ve made it easier to access user profile information from PingOne Directory. The Trust Framework now includes built-in user name, email, primaryPhone, and username attributes ready for use in policies without any additional configuration. For more information, see Built-in attributes.