Resolved issues

Ticket ID Description


Improved performance of the administrative console when a large number of OAuth clients are stored in LDAP or JDBC datastores.


Resolved a potential security vulnerability that is described in security bulletin SECBL021.


When PingFederate rotates a refresh token, if the client fails to get the new token, now PingFederate can accept the previous token for the short period that you specify with the Refresh Token Rolling Grace Period setting.


PingFederate can be successfully integrated with AWS CloudHSM client version 3.4.4.


Resolved a potential security vulnerability by updating Apache Log4j2 to version 2.17.1.


When configuring the URL of the PingOne home button in the PingFederate administrative console, now pf.pingone.admin.url.region in supports Canada as a region.


Resolved an issue that allowed PingDirectory users to authenticate with expired passwords.


Resolved an issue that caused certificate revocation list (CRL) checks to return "issuer not found in trusted CAs store" even though the issuer certificate is present.