June 2023 - PingOne Cloud Platform - PingOne

PingOne Cloud Platform

bundle
pingone
ft:publication_title
PingOne Cloud Platform
Product_Version_ce
PingOne Cloud Platform
PingOne
category
Administratorguide
ContentType
Guide
Product
Productdocumentation
p1
p1cloudplatform
ContentType_ce
Product documentation
Guide > Administrator Guide
Guide

June 30

PingOne Risk is now PingOne Protect

PingOne Protect
New

With Bot Detection and Suspicious Device predictors, PingOne Protect enhances detection and helps prevent account takeover and new account fraud. For more information, read the PingOne Protect datasheet.

If you are a current PingOne Risk customer, this change doesn't affect your service. To learn more about the new capabilities, reach out to your account team.

Encryption key rotation

PingOne Mobile SDK
Improved
The PingOne MFA SDK has been updated to rotate encryption keys once a year. Key rotation events are written to the audit log.

June 29

PingOne MFA mobile SDK 1.10

PingOne Mobile SDK
New

Version 1.10 of the PingOne MFA mobile SDK has been released.

This version includes encryption key rotation once a year.

See Release notes - Android version and Release notes - iOS version.

Encryption key rotation

PingOne Mobile SDK
Improved
The PingOne MFA SDK has been updated to rotate encryption keys once a year. Key rotation events are written to the audit log.

June 28

User license limit warnings

PingOne
Improved
Warning messages now display on the Users page of the console when you reach 90% and 100% of the maximum number of user identities included in your license agreement. At 110%, you can no longer create user identities and the message instructs you to contact Support to increase your limit. Email notifications are also sent at these intervals if alerts are configured in Monitoring > Alerts.

June 26

Run the LDAP Gateway as a Windows service

PingOne
New

You can now run the PingOne LDAP gateway as a standalone service on Microsoft Windows. You’ll do this by downloading a ZIP archive and adding the service to a computer running Windows. This feature is in addition to the existing options of running the PingOne LDAP Gateway as a Java application or in a Docker container. For more information, see LDAP Gateways.

June 22

Request Parameter Signature Requirement

PingOne
New
In PingOne, you can now specify how applications send the optional request parameter in their authorization requests. This option gives admins flexibility to choose a more secure option, a more flexible option, or a balance between the two. For more information, see Request Parameter Signature Requirement.

June 20

New authorization comparators for IP subnet ranges

PingOne Authorize
New
With the new In CIDR Block and Not In CIDR Block comparators, you can check whether a user’s IP address is in, or not in, a defined subnet range. These comparators make it easier to add network information checks to your zero trust policies. IPv4 and IPv6 addresses are supported. For more information, see Authorization conditions.

FIDO authentication methods and FIDO policy enhancements

PingOne MFA
Improved

To enhance the FIDO2 authentication experience, we are expanding FIDO policies to include a broader set of configurations that provide you with more granular control over your FIDO2 authentication devices. For best practice guidance, we're also providing two out-of-the-box FIDO policies, pre-configured to allow Passkey and Security Key authentication.

To facilitate this change we are deprecating the existing FIDO Biometrics and Security Key authentication methods in the MFA Policies, and replacing them with a single, comprehensive FIDO2 authentication method. For information about adding the enhanced FIDO policy, and the new features it provides, see Adding a FIDO policy.

If you have an MFA policy that references a deprecated authentication method, we recommend that you replace it with the FIDO2 authentication method, and reference an enhanced FIDO policy. You will also need to update any related scripts and DaVinci flows that reference the deprecated authentication methods. For information, see Updating an existing MFA policy to use FIDO2.

Note: FIDO2 authentication is supported in PingOne MFA and PingOne DaVinci. In a future version, PingFederate Integration Kit for PingOne MFA will also support the FIDO2 authentication method.

FIDO authentication methods and FIDO policy enhancements

PingOne MFA
Improved
You can now fade out the use of an authentication method by preventing new users from pairing devices with that method, while allowing existing users to continue to authenticate using devices that are already paired with that authentication method. To facilitate this, we've added an Allow Pairing checkbox to each of the authentication methods listed under MFA policy. Deselect a checkbox to prevent new users from pairing their device with that authentication method. For more information see Adding an MFA policy.

June 12

Push settings for Google Play-based apps

PingOne MFA
Info

PingOne MFA has moved to Firebase Cloud Messaging for sending push messages.

This impacts the credentials you must enter when enabling push notifications for Google Play-based mobile applications.

For details, see Editing an application - Native and the Application MFA Push Credentials section in the API documentation.

June 2

User details panel improvements

PingOne
Improved
We’ve expanded the width of the Profile and Roles sections of the user details panel to improve readability.