Ping (ForgeRock) SDK for iOS changelog

Upgraded JOSESwift, an open-source library used internally by FRdeviceBinding. [SDKS-4891]

Fixed build issues with Xcode 26.4. [SDKS-4892]

The Device Binding Biometric with Fallback authentication type was not correctly falling back when a passcode was set and biometrics were disabled. [SDKS-4922]

Added ttl and timeExpired properties to the PushNotification object for parity between the Ping (ForgeRock) SDKs for Android and iOS.

Added support for intercepting DELETE_BINDING requests.

Added extra logging to the KeychainService.

Updated PingOneProtectInitializeCallback to accommodate server-side changes.

Fixed inconsistent device identifier generation on iOS 26 which affected authentication journeys that use the Device Profile Collector node.

Resolved an issue where logging out by using the SDK could remove RSA keys from the keychain.

Updated the GoogleSignIn library from 7.1.0 to 9.0.0.

Fixed an object deserialization issue.

Fixed missing stage, header, and description fields in callback requests.

Added support for iOS 26 and Xcode 26

Renamed the Data extension bytes property to bytesArray to avoid Xcode 26 issues. [SDKS-4299]

Removed redundant completion call when using ASWebAuthentication. [SDKS-4345]

Updated Token Manager to revoke mismatched SSO sessions before storing a new token and then fetching a fresh access token. [SDKS-4349]

Fixed DeviceProfileCallback response structure on iOS to match the Ping (ForgeRock) SDK for Android behavior, preventing Device Match Node failures. [SDKS-4228]

Added the ability to update the Apple Push Notification Service (APNs) device token for existing devices registered for push notifications. [SDKS-3684]

Added support for returning WebAuthn authenticator information in the updated WebAuthn authentication and registration callbacks introduced in PingAM and PingOne Advanced Identity Cloud. [SDKS-3842]

Upgraded ReCAPTCHA Enterprise to version 18.7.0 (from 18.6.0) [SDKS-3927]

Resolved an issue where updating device biometrics didn’t enforce device re-binding as expected. [SDKS-3963]

Corrected the missing PingProtect scheme. [SDKS-3856]

Resolved a race condition in the device network collector that prevented NetworkReachabilityMonitor from completing. [SDKS-3827]

Added support for user profile self-service. [SDKS-3409]

Added support for managing registered devices.

Added support for signing-out of PingOne with an ID token. [SDKS-3424]

Updated jailbreak detectors to reduce false-positive detections. [SDKS-3693]

Fixed an issue that caused duplicate PUSH notifications in the Authenticator module. [SDKS-3533]

Added support for the PingOne Protect Marketplace nodes. [SDKS-3296]

Exposed the realm, success URL, and failure URL values within Token. [SDKS-3352]

Added client-side support for the upcoming ReCaptchaEnterpriseCallback callback. [SDKS-3324]

Added support for Device Binding in iOS simulators, by setting Authentication Type in the Device Binding node to None.

Updated the SDK to skip any type 4 TextOutputCallback callbacks, as these contain JavaScript that iOS cannot execute. [SDKS-3226]

Made PolicyAdviceCreator public. [SDKS-3349]

Fixed missing UIKit import issue for SPM. [SDKS-3348]

Fixed an issued preventing SSL pinning from working with root certificates. [SDKS-3334]

Fixed a build failure because FRCore.swiftmodule is not built for arm64. [SDKS-3347]

Added support for signing off from PingOne when using the centralized login flow with OAuth 2.0. [SDKS-3021]

Added the ability to dynamically configure the SDK by collecting values from the server’s OpenID Connect .well-known endpoint. [SDKS-3023]

Fixed issue causing SSL pinning configuration to be ignored in FRURLProtocol class. [SDKS-3239]

Removed scope validation from AccessToken initialization. [SDKS-3305]

Added privacy manifest files to Ping (ForgeRock) SDK for iOS modules. [SDKS-3086]

Updated PingOne Signals (Protect) SDK to version 5.2.3. [SDKS-3086]

Updated Google SDK to version 7.1.0. [SDKS-3086]

Removed storage field from the HardwareCollector class. [SDKS-3086]

Added a new module for integration with PingOne Protect. [SDKS-2901]

Prevented the operation of device binding and signing features on simulators. [SDKS-2995]

Added client-side support for the upcoming AppIntegrity callback. [SDKS-2630/SDKS-2761]

Added a new ephemeralAuthSession browser type for iOS13 and later. [SDKS-2707]

Added iat and nbf claims to the device binding JWS payload. [SDKS-2748]

Added ability to insert custom claims when performing device signing verification. [SDKS-2788]

Fixed an issue where the issuer parameter was not properly parsed when using PingAM 7.2.x. [SDKS-2653]

Fixed an issue related to inadequate cache control. [SDKS-2700]

Fixed an issue when the sfViewController setting in centralized login had entersReaderIfAvailable set to true. [SDKS-2746]

Fixed an issue with the device profile collector that affected phones with multiple sim cards in iOS 16.3 and earlier. [SDKS-2776]

Fixed an issue with device binding API access levels. [SDKS-2886]

Fixed an issue with removing a userkey from the local device repo. [SDKS-2887]

Updated the detection of Jailbreak status. [SDKS-2796]

Improved unit and end-to-end tests. [SDKS-2637]

Added support for interceptors in the authenticator module. [SDKS-2545]

Added support for mfauth deep links in the authenticator sample app. [SDKS-2524]

Added an interface for refreshing access tokens. [SDKS-2563]

Added support for policy advice from IG in JSON format. [SDKS-2239]

Fixed an issue with parsing the issuer value in the URI provided by the combined MFA registration node. [SDKS-2542]

Added an error message about duplicated accounts while using the combined MFA registration node. [SDKS-2627]

Added support for Passkeys. [SDKS-2140]

Added DeviceBinding callback support. [SDKS-1748]

Added DeviceSigningVerifier callback support. [SDKS-2023]

Added support for combined MFA registration in the Authenticator SDK. [SDKS-1972]

Added support for enforcing policies in the Authenticator SDK. [SDKS-2166]

Added an interface for listing and deleting WebAuthn credentials from the device. [SDKS-2279]

Added an interface to specify a device name during WebAuthn registration. [SDKS-2297]

Added a SwiftUI quick start example. [SDKS-2405]

Added error message description to the WebAuthnError enum. [SDKS-2226]

Updated the order of presenting the registered WebAuthN keys on the device. [SDKS-2251]

Updated Facebook SDK version to 16.0.1. [SDKS-1839]

Updated Google SDK version to 7.0.0. [SDKS-2426]

Changed the signature for a number of methods.

Updated legacy encryption algorithm used for generation of cryptographic keys stored in Secure Enclave [SDKS-1994]

Fixed an issue related to push notifications timeout [SDKS-2164]

Fixed an unexpected error occurring during the decoding of some push notifications [SDKS-2199]

Dynamic SDK Configuration [SDKS-1760]

iOS 16 Support [SDKS-1932]

Fixed build errors on Xcode 14 [SDKS-2073]

Fixed bug where the state parameter value was not verified upon calling the Authorize endpoint [SDKS-2077]

Interface for log management [SDKS-1863]

Fixed memory leak in the NetworkCollector class [SDKS-1931]

Add PushType.biometric support and BiometricAuthentication class for biometric authentication. Updated sample app to handle new Push types [SDKS-1865]

Fixed the bug when refreshing the access token we return the old token [SDKS-1824]

Fixed bug when multiple threads are trying to access the same resource in the deviceCollector and ProfileCollector [SDKS-1912]

SSL pinning support [SDKS-1627]

Obtain timestamp from new push notification payload [SDKS-1665]

Add new payload attributes in the push notification [SDKS-1775]

Apple Sign In enhancements to get user profile info [SDKS-1632]

Remove "Accept: application/x-www-form-urlencoded" header from /authorize endpoint for GET requests [SDKS-1729]

Remove iPlanetDirectoryPro (or session cookie name) from the query parameter, and inject it into the header instead [SDKS-1708]

Fix issue when expired push notification displayed as "Approved" in the notification history list [SDKS-1491]

Fix issues with registering TOTP accounts with invalid period [SDKS-1405]

Updated GoogleSignIn library to the latest version 6.1.0.

FRGoogleSignIn is now available through SPM.

Added custom implementation for HTTPCookie for iOS 11+ devices, to support NSSecureCoding for storing cookies.

Changed all instances of Archiving/Unarchiving to use NSSecureCoding.

SecuredKey initializer now supports passing a Keychain accessibility flag.

SecuredKey now has the same default Keychain accessibility flag as the KeychainService ".afterFirstUnlock".

Fixed an issue where the MetadataCallback was overriding the stage property of a node.

Fixed an issue which was affecting the centralized login feature.

Various bug fixes and enhancements for the Authenticator SDK.