May 2023 - PingOne Cloud Platform - PingOne

PingOne Cloud Platform

bundle
pingone
ft:publication_title
PingOne Cloud Platform
Product_Version_ce
PingOne Cloud Platform
PingOne
category
Administratorguide
ContentType
Guide
Product
Productdocumentation
p1
p1cloudplatform
ContentType_ce
Product documentation
Guide > Administrator Guide
Guide

May 18

Single Logout support for SAML apps and identity providers

PingOne
New

You can now use PingOne to send SLO (Single Logout) requests to SAML 2.0 applications and external identity providers. This feature increases security by enabling PingOne to sign a user out of all applications that they are currently signed in to. For more information, see Editing an application - SAML and Adding an identity provider - SAML.

May 16

IPv6 addresses

PingOne Risk
Improved
Support for IPV6 addresses has been added to PingOne Protect. As the adoption of IPv6 expands, additional data on IPv6 addresses is being gathered. For risk predictors where data for IPv6 addresses is missing, the fallback risk level is used. This is relevant for the following predictors: anonymous network, geovelocity, IP reputation, and user location anomaly.

May 15

Event logs now include more information

PingOne
Improved

To make the Webhook events and Audit reports more useful, event data now includes attributes containing the end-user’s IP address, the PingOne session ID, and User Agent strings. You can use this information to improve external SIEM processing, investigations, and issue resolution. Use the session ID to connect separate events related to the same user during the same time period. The following table shows the new values and how they'll be included in Audit reports and Webhooks.

New values in Audit reports and Webhooks
New values in Audit reports and Webhooks

Included in Audit reports?

Included in Webhook events?

IP address

Yes

If configured. Not included by default.

UserAgent strings

Yes

If configured. Not included by default.

PingOne session ID

Yes

Yes

We’ll add these new values to the various event types gradually, starting with those related to authentication, directory, user operations, and roles. MFA and other services will follow soon after.

Because IP addresses and User Agent strings can be considered sensitive data, PingOne includes an opt-in setting for these values when creating a Webhook. For more information, see Webhooks.

May 12

Updates to inbound provisioning attributes

PingOne
Info

For inbound provisioning rules, the names of some attributes listed under PingOne Directory, when PingOne Directory is the target, have changed. This change applies only to the labels in the user interface; where the attribute is stored or read hasn't changed. The following table shows the attributes that have changed.

Inbound provisioning attribute updates
Inbound provisioning attribute updates
New attribute name Old attribute name

Country Code

Country

Email Address

Email

Family Name

Last Name

Formatted Name

Full Name

Given Name

First Name

Locality

City

Multi-factor Authentication Enabled

MFA Enabled

Photos Link

Profile Image

Postal Code

ZIP Code

Region

State/Region

Title

Job Title

Type

User Type

For more information about mapping attributes for inbound provisioning rules, see Adding attribute mapping for inbound provisioning.

May 11

PingOne trial experience enhancements

PingOne
New

Signing up for a trial is a great way to experience the power of PingOne yourself, and now includes a workforce solution designer, which guides you through the process of designing single sign-on experiences for your employees, partners, and vendors. With this enhancement, you can add test users and applications to your trial environment, customize the authentication experience to meet your needs, and test the experience in less than 5 minutes.

May 10

PingOne phasing out SHA-224

PingOne
Security
In a continuous effort to improve security, PingOne will stop supporting the SHA-224 signing algorithm in favor of SHA-256. This change will not affect existing applications and key pairs unless the application is manually updated and saved. When you create new key pairs or new applications in PingOne, they will use SHA-256 by default.

May 8

Support for phone numbers with extensions

PingOne MFA
New
It is now possible to have one-time passwords delivered via voice to phone numbers that include extensions. For details on enabling support for phone numbers with extensions, see Configuring MFA settings and the API documentation for MFA Settings.

May 2

List of Risky IPs encountered

PingOne Risk
New
The risk dashboard now includes a chart that lists the most frequently encountered risky IPs. For each such IP, the total number of events is listed, along with information such as last location and ISP. The chart also allows you to view detailed information for each of the individual events for risky IPs.