Enhancements and resolved issues in PingFederate 11.3.2.
Authenticating to Azure SQL Managed Instance through Azure Active Directory
PingFederate now supports authentication to Azure SQL Managed Instance through Azure Active Directory without a username and password. For more information, see Configuring a JDBC connection.
Jetty library upgrade
We upgraded the Jetty library to 9.4.52.v20230823.
One-time link in password-reset email messages
In redirectless mode, the one-time link (OTL) in password-reset email messages now returns users to the authentication API application configured for the policy, rather than to PingFederate.
Incorrect error template when using service provider authentication policies
When a service provider (SP) authentication policy fails, PingFederate now renders the sp.sso.error.page.template.html page instead of the idp.sso.error.page.template.html page.
Updating OAuth clients with dynamic client registration
Fixed a defect where an OAuth client created with dynamic client registration (DCR) couldn't be updated with DCR after it was modified with the administrative console.
Idle JDBC datastore connections
PingFederate now closes idle JDBC datastore connections until the minimum pool size is reached instead of closing and recreating all of them.
The id_token_jti property in token endpoint responses
The id_token_jti property is no longer included in token endpoint responses.
Administrative API defect when fragment rules have Default to Success disabled
Fixed an administrative API defect when a fragment rule had Default to Success disabled.
Email notifications for licensing events even when disabled
Resolved an issue that caused PingFederate to send email notifications for licensing events even though they were disabled in the Runtime Notifications configuration.