February 2023 - PingOne - PingOne Cloud Platform

A new capability (Set Device Order) has been added to the PingOne MFA DaVinci connector to allow you to specify a device as the user's default device or specify the order of the device list that is shown to the user.

PingOne can now sign access and ID tokens with keys from a key rotation policy. Because the PingOne key rotation policy automatically generates new cryptographic keys regularly, this enhancement increases security and helps customers meet and exceed best practices for key management. For more information, see Key rotation policy.

The list of MFA devices defined for a user now includes a menu option that allows admins to set a specific device as the default device for the user.

PingOne now shows the Token Introspection Endpoint URL for Resources. This feature makes it easy for admins to copy the token introspection endpoint for a custom resource if they need to pass the URL to resource server developers. For more information, see Viewing resources.

We’ve created a simpler sidebar navigation experience, designed with clarity and ease-of-use in mind.

You can now expand and collapse sidebar sections as needed. Multiple sections can be expanded at one time, and we’ve added new headers and separators to help you scan and navigate quickly.

Admins can now specify Group Names for user provisioning. This option gives you more flexibility in defining which users are provisioned from PingOne. For more information, see Adding a user filter.

PingOne now includes the information from the LDAP gateway, such as user type and password authority, if the user was migrated through it. For more information, see Viewing users.

You can now view expiry information in the introspective response for refresh tokens, if the refresh token is valid. For more information, see Post Token Introspection (Refresh Token).

Drop-down lists have been added to a number of fields in the PingOne MFA and PingOne Notifications DaVinci connectors to facilitate the provision of the relevant information. This includes:

• Notification name
• Notification policy
• Device authentication policy (MFA policy)
• Application names

To make navigation easier, the PingOne Authorize documentation has been reorganized. You can now find the documentation in a single location under PingOne Services.

In PingOne MFA Settings, we've increased the maximum number of allowed methods you can configure to 20.

To improve the policy authoring experience, we’ve moved options for adding conditions and statements to rules into the hamburger menu. This streamlines rule authoring in Policies and in the Library. For more information, see Adding a policy or policy set.

We’ve given you more control over whether advice statements are included in decision outcomes and the way statements propagate through decision evaluations. This makes it easier to provide information in decision responses, such as reasons for both permit and deny decisions and risk evaluation feedback.

For more information about the new Create and Attach to final decision options in statements, see Adding statements to policies and rules.

To provide a better admin console experience, the following improvements have been made to the Attributes page. You can now:

• Scope your search of user attributes using All, Core, Standard, and Custom.
• Show user attributes that are currently disabled in the attributes list.
• Create a declared attribute with validations, or a JSON attribute.
• Select new configuration options for declared attributes: Multi-valued, Enumerated Values, or Regex Validation.

For more information, see Attributes.