The PingAccess Agent SDK for C no longer supports FreeBSD 8.

Version 1.4 - July 2024
  • Added support for RHEL 9.
  • If you use a Web + API application, the vnd-pi-resource-cache PingAccess agent protocol (PAAP) header now contains an additional path so Web + API applications can cache both cookie and authorization header token-types. For more information, see the Cache multiple token-types for Web + API applications entry in the PingAccess 8.1 release notes, and the agent.cache.defaultTokenType property on an Apache or IIS agent configuration page.

    Existing agent environments ignore the new vnd-pi-token-cache-oauth-ttl header and additional paths in the vnd-pi-resource-cache header.

    To see the performance boost, upgrade to PingAccess 8.1 and upgrade to the latest version of the desired agent. Otherwise, continue to use an earlier agent version.

  • Configure a PingAccess Apache agent or the PingAccess agent for IIS to block requests that contain bad characters in the URI, query parameters, form parameters, or request body without having to reach out to PingAccess for a decision. Added eight new properties to each agent:
    1. agent.request.block.xss.characters
    2. agent.request.block.uri.characters
    3. agent.request.block.query.characters
    4. agent.request.block.form.characters
    5. agent.request.block.xss.http.status
    6. agent.request.block.uri.http.status
    7. agent.request.block.query.http.status
    8. agent.request.block.form.http.status

    Learn more in the configuration page for your agent:


    For large scale or more complex blocking decisions, it's best practice for the agent to reach out to PingAccess for a decision.

  • Added a new configuration option to the IIS agent to give protected applications better reliability without giving up the ability to perform CRL checking when the server is available: the agent.engine.configuration.checkCertRevocation.bestEffort property.

    This change provides better alignment between PingAccess, PingFederate, and PingAccess policy server CRL checking. Learn more in IIS agent configuration.

Version 1.3 - June 2020
  • Added support for RHEL 8
  • Added agent inventory callback API
  • Removed support for RHEL 6
Version 1.2.1 - February 2020
Fixed a potential security issue.
Version 1.2 - June 2019
Fixed a potential security issue.
Version 1.1.5 - February 2019
Added support for FreeBSD 8
Version 1.1.4 - October 2018
Fixed potential security issues.
Version 1.1.3 - August 2018
  • Updated version of libcurl to fix an issue where libcurl was only checking the first SAN in the server certificate
  • Fixed a potential security issue
Version 1.1.2 - March 2017
Added support for:
  • SUSE Linux Enterprise Server 11 SP4 (x86_64)
  • SUSE Linux Enterprise Server 12 SP2 (x86_64)
Version 1.1.1 - January 2017
  • Established a workaround for a known issue in the Network Security Services library that results in a memory leak when the agent closes a HTTPS connection to a PingAccess policy server. For more information, see this KB article.
  • Fixed an issue where duplicate headers were included in the backend request to the PingAccess Engine, causing the agent to block the request for content.
Version 1.1 - November 2016
Added policy server failover support. Policy server failover support is only provided by the SDK when using the libcurl HTTP client.
Version 1.0.2 - September 2016
  • Fixed an issue where agents could not communicate with PingAccess servers using a certificate signed by a certificate authority because the CRL Distribution Point extension is missing. This issue is limited to agents on Windows deployments.
  • Addressed a potential security vulnerability. This issue is limited to Windows deployments.
Version 1.0.1 - May 2016
Fixed an issue with ZeroMQ policy cache where a terminated process could cause a condition that resulted in unexpected CPU utilization.
Version 1.0 - April 2016
Initial Release.