Resolved issues

Ticket ID Description
PF-25537 Updated jackson-databind to version 2.9.10.4.
PF-25896 Responses from the /idp/spConnections administrative API endpoint no longer return the wsTrustVersion property for SAML connections.
PF-26012 PUT requests to the /idp/spConnections/{id} administrative API endpoint to update a WS-Federation connection that has an attribute datastore no longer remove all the attribute source settings from the connection.
PF-26020 Resolved a potential security vulnerability described in security bulletin SECBL016 on the Ping Identity Support website.
PF-26037 PingFederate no longer relies on an externally hosted polyfill.io JavaScript library.
PF-26087 The bulk import administrative API now works correctly for OAuth client set authentication selector instances when using externally-stored OAuth clients.
PF-26091 When PingFederate gets attributes from a REST API datastore and authenticates with the OAuth 2.0 bearer token method, PingFederate now correctly reuses the valid token for subsequent calls to the datastore.
PF-26097

Get requests to the /oauth/authServerSettings administrative API endpoint now correctly return persistentGrantLifetime:-1 when Persistent Grant Max Lifetime is set to Grants Do Not Expire, and return persistentGrantIdleTimeout:-1 when Persistent Grant Idle Timeout is set to Grants Do Not Timeout Due to Inactivity.

PUT requests to the /oauth/authServerSettings endpoint now allow the value -1 for persistentGrantLifetime to indicate no expiration, and for persistentGrantIdleTimeout to indicate no timeout.