January 2023 - PingOne - PingOne Cloud Platform

Now you can quickly resolve an attribute against its parent, with a single click. This makes it easier to construct attributes from service responses. For more information, see Adding resolvers to an attribute.

The PingOne App for Splunk is now available. The app allows you to create custom dashboards and reporting, monitor activity data, and analyze event data over time in Splunk. For more information, see Installing the PingOne App for Splunk.

Email addresses for all PingOne admin accounts must be verified by April 25, 2023. Prior to that date, administrators whose email addresses have not been saved or verified will be prompted to do so. After that date, administrators will not be able to access the admin console until they save and verify their email addresses.

You can now update the PingOne trial experience with the latest DaVinci flows available, or reset your configuration to its default settings. When a DaVinci flow is updated, you are notified that a new version is available. If you choose to use the updated version, your existing configuration will be erased.

PingOne now supports Google Workspace for outbound provisioning. You can synchronize PingOne identities to Google Workspace using the provisioning connector. For more information, see Provisioning.

Version 1.8.1 of the PingOne MFA mobile SDK has been released. This version includes:

• The ability to define time-sensitive notifications for iOS apps, taking advantage of the focus mode mechanism which was introduced in iOS 15. For additional details, see Read Me - iOS (push notifications).
• Categories for push notifications. For details, see Delivery methods and variables.
• Support for mobile applications that use Huawei Mobile Services. For details, see Editing an application - Native. For details on carrying out the configuration with the PingOne API, see Application Management (Application Operations and Application MFA Push Credentials).
• Support for convergence from PingID SDK to PingOne MFA
• Standardized distribution of the SDK using Maven Central and Swift packages

For additional details, see Release notes - Android version and Release notes - iOS version.

For Push notification templates, it is now possible to select a push category to control the type of banner that is displayed to the user. The available options are:

• Banner buttons: The default banner - contains both Approve and Deny buttons.
• No banner buttons: When the user clicks the banner, they are taken to an application that contains the necessary approval controls.
• Approve & open app: When the Approve button is clicked, authentication is completed and the user is taken to the relevant application.

You can now configure Android applications to use Huawei Mobile Services. For more information, see Editing an application - Native.

For details on carrying out the configuration with the PingOne API, see Application Management (Application Operations and Application MFA Push Credentials)

You can now use the API to generate reports of MFA devices. You can use one of the following criteria for deciding what devices should be included in the report: whether or not MFA is enabled, the type of device, the email address for the device, the phone number of the device. For example, you can generate a report listing all email devices or a report containing all of the devices whose phone number starts with a certain country code. Results can be returned in the response to the API call or as a file (CSV or JSON). For details, see Reporting.

You can now add multiple instances of a SAML application through the Application Catalog page in your PingOne admin console. This simplifies the setup process when each instance identifies the service provider with a unique Entity ID. For more information, see Adding an application from the application catalog.

You can now find new features in PingOne Verify policies, such as liveness verification, verification of an multi-factor authentication (MFA) device after web flow notification, data collection-only enablement, and transaction timeout configuration. This enables you to create a custom policy to verify a user for different scenarios. For more information, see Creating a verify policy.

Admin users can now collect and audit PingOne Verify transaction events using webhooks. For more information, see Introduction to PingOne Verify.

In MFA policies, it is now possible to specify how much time users have to respond to a push notification before it expires. This period can be defined separately for each mobile application included in the MFA policy.

It is now possible to block a user's MFA device, and to unblock a device that is currently blocked. These actions can be performed both from the UI and using the API. For details, see Managing a user’s devices and services and the MFA Devices section in the API documentation.

The default method to use for MFA is now set at the MFA policy level rather than at the environment level. You can choose from the following options:

• Use the method that the user set as their default.
• Always have the user select the method to use if there is more than one method available.
• Always have the user select the method to use even if there is only one method available.

Your risk policies can now include New Device predictors, which allow your risk policy to take into account the risk associated with users trying to access applications from unknown devices or devices that have not been used in the recent past.