--- title: Ping (ForgeRock) SDK for JavaScript changelog description: Subscribe to get automatic updates: component: sdks version: latest page_id: sdks:release-notes:changelogs/changelog_javascript canonical_url: https://docs.pingidentity.com/sdks/latest/release-notes/changelogs/changelog_javascript.html revdate: Fri, 16 May 2025 10:58:30 +0100 keywords: ["Features", "Source Code", "SDK", "JavaScript"] section_ids: js_4_9_1: Ping (ForgeRock) SDK for JavaScript 4.9.1 js_4_9_0: Ping (ForgeRock) SDK for JavaScript 4.9.0 js_4_8_3: Ping (ForgeRock) SDK for JavaScript 4.8.3 js_4_8_2: Ping (ForgeRock) SDK for JavaScript 4.8.2 js_4_8_0: Ping (ForgeRock) SDK for JavaScript 4.8.0 js_4_7_0: Ping (ForgeRock) SDK for JavaScript 4.7.0 js_4_6_0: Ping (ForgeRock) SDK for JavaScript 4.6.0 js_4_4_2: Ping (ForgeRock) SDK for JavaScript 4.4.2 js_4_4_0: Ping (ForgeRock) SDK for JavaScript 4.4.0 js_4_3_0: Ping (ForgeRock) SDK for JavaScript 4.3.0 js_4_2_0: Ping (ForgeRock) SDK for JavaScript 4.2.0 js_4_1_2: Ping (ForgeRock) SDK for JavaScript 4.1.2 js_4_1_1: Ping (ForgeRock) SDK for JavaScript 4.1.1 javascript_sdk_4_0_0: Ping (ForgeRock) SDK for JavaScript 4.0.0 ping_forgerock_sdk_for_javascript_3_4_0: Ping (ForgeRock) SDK for JavaScript 3.4.0 ping_forgerock_sdk_for_javascript_3_3_0: Ping (ForgeRock) SDK for JavaScript 3.3.0 --- # Ping (ForgeRock) SDK for JavaScript changelog Subscribe to get automatic updates: * [icon: rss-square, set=fa][Ping (ForgeRock) SDKs Changelog RSS feed](developer_experience_changelog_rss.xml) * [icon: square-envelope, set=fa][Ping (ForgeRock) SDKs Changelog email notifications](https://backstage.forgerock.com/account/notifications/settings) ## Ping (ForgeRock) SDK for JavaScript 4.9.1 May 6, 2026 `patch` **Fixed** * Fixed an issue with `getAuthenticationCredential` that prevented WebAuthn cancellation errors such as `NotAllowedError` from being written to the `HiddenValueCallback` correctly. ## Ping (ForgeRock) SDK for JavaScript 4.9.0 March 11, 2026 `minor` **Added** * Added support for autofill conditional UI properties in WebAuthn callbacks. * Added support for the `signalsInitializationOptions` property in the `PingOneProtectInitalizeCallback`. If not present, the Ping (ForgeRock) SDK uses the standalone initialization properties to maintain backwards compatibility. ## Ping (ForgeRock) SDK for JavaScript 4.8.3 December 3, 2025 `patch` **Updated** * Aligns the `PingOneProtectInitalizeCallback` with PingOne Protect Initialization Node. **Fixed** * Fixed an issue with bad export syntax in `package.json`. **Removed** * Removed a shared array buffer type from the WebAuthn `ParsedCredentials` object. ## Ping (ForgeRock) SDK for JavaScript 4.8.2 July 9, 2025 `patch` **Fixed** * Fixed the conditions for determining a session endpoint request when terminating Advanced Identity Cloud and PingAM sessions. ## Ping (ForgeRock) SDK for JavaScript 4.8.0 May 16, 2025 `minor` **Added** * Added a flag to skip immediately to the OAuth 2.0 flow rather than attempting to get tokens without redirecting. \[SDKS-3866] * Added support for signing out of PingOne by using an ID token. \[SDKS-3757] **Changed** * Removed an unneeded call to the `/session` endpoint. \[SDKS-3757] ## Ping (ForgeRock) SDK for JavaScript 4.7.0 February 11, 2025 `minor` **Added** * Added a device client module to manage registered devices. **Changed** * Prioritized `displayName` field over `userName` when saving a WebAuthn or passkey to an account. Previously the SDK displayed a UUID for saved credentials rather than the user's name. \[SDKS-3473] ## Ping (ForgeRock) SDK for JavaScript 4.6.0 October 17, 2024 `minor` **Added** * Added centralized login support for PingFederate servers. \[SDKS-3250] * Added client-side support for the upcoming `ReCaptchaEnterpriseCallback` callback. \[SDKS-3326] * Added support for the PingOne Protect Marketplace nodes. \[SDKS-3298] **Changed** * Refactored authorize URL utilities for upcoming DaVinci module. \[SDKS-3183] * Updated allowed message list to include PingFederate "requires consent" response. \[SDKS-3478] * Changed the PKCE utility to return a storage function. ## Ping (ForgeRock) SDK for JavaScript 4.4.2 May 15, 2024 `patch` **Added** * Added a `logoutRedirectUri` parameter to the `FRUser.logout()` method. Add the parameter to invoke a redirect flow, for revoking tokens and ending sessions created by a PingOne server. To learn more, follow the [JavaScript tutorial for PingOne](../../sdks/tutorials.html). * Added a [`platformHeader` configuration property](../../sdks/sdkconfiguration/configure-sdk-javascript.html) to control whether the SDK adds the `X-Requested-Platform` header to all outgoing connections. **Updated** * Updated the embedded [PingOne Signals (Protect) SDK](https://docs.pingidentity.com/pingone/threat_protection_using_pingone_protect/p1_protect_signals_sdk.html) to the latest version. * Updated the SDK to import the PingOne Signals (Protect) SDK dynamically and start it with a method call rather than on load. * Updated the build system to use [Vite](https://vitejs.dev/). **Fixed** * Wrapped the PingOne Signals (Protect) SDK to protect it from being called when running server-side. ## Ping (ForgeRock) SDK for JavaScript 4.4.0 March 13, 2024 `minor` **Added** * Added a new module for integration with [PingOne Protect](https://www.pingidentity.com/en/platform/capabilities/threat-protection/pingone-protect.html). \[SDKS-2902] * Added the ability to include the supplied device name when displaying recovery codes. \[SDKS-2536] * Added the ability to use the OpenID Connect `.well-known` endpoint to override the default path configuration. \[SDKS-2966] This simplifies using the SDKs with OIDC-compliant identity providers, such as [**PingOne**](https://docs.pingidentity.com/pingone/). For more information, refer to the [Ping (ForgeRock) SDK for JavaScript PingOne tutorial](../../sdks/tutorials/javascript/index.html). | | | | - | --------------------------------------------------------------------------------------------------------------------------------------- | | | The SDK is currently unable to revoke PingOne-issued OIDC tokens when using Firefox and Safari, due to third-party cookie restrictions. | * Added `StepOptions` type to the [public API](https://developer.pingidentity.com/reference/sdks/javascript/api-reference-core-4-9/enums/fr-auth_enums.StepType.html). **Fixed** * Fixed a naming collision when using `sessionStorage` for tokens, state, and PKCE data and performing centralized login. \[SDKS-2945] ## Ping (ForgeRock) SDK for JavaScript 4.3.0 January 4, 2024 `minor` **Added** * Added ability to override default prefix string given to storage keys. For more information, refer to `prefix` in the [Ping (ForgeRock) SDK for JavaScript Properties](../../sdks/sdkconfiguration/configure-sdk-javascript.html). * Added an `FRQRCode` utility class to determine if a step has a QR code and handle the data to display. For more information, refer to [Set up QR code handling](../../sdks/use-cases/how-to-handle-qr-codes.html). **Fixed** * Fixed undefined `main` and `module` fields in package.json. ## Ping (ForgeRock) SDK for JavaScript 4.2.0 September 11, 2023 `minor` **Added** * Added a `logLevel` configuration property to specify the level of logging the SDK performs. For more information, refer to [About the default Ping (ForgeRock) SDK for JavaScript logger](../../sdks/customize/how-to-custom-loggers.html#default-logger-javascript). * Added a `customLogger` configuration property to specify a replacement for the native `console.log` that the SDK uses by default. For example, you could write a replacement that captures SDK log output to services such as [Relic](https://newrelic.com/) or [Rocket](https://logrocket.com/). For more information, refer to [Customize the Ping (ForgeRock) SDK for JavaScript logger ](../../sdks/customize/how-to-custom-loggers.html#customize-logger-javascript). ## Ping (ForgeRock) SDK for JavaScript 4.1.2 July 20, 2023 `patch` **Added** * Added support in preparation for upcoming Token Vault. **Fixed** * Fixed an issue with the `getTokens()` method failing if no parameters are provided and you perform certain down-leveling of code in the build process. ## Ping (ForgeRock) SDK for JavaScript 4.1.1 June 29, 2023 `minor` **Added** * Added support in the HTTPClient for receiving transactional authorization advice in JSON format. **Changed** * Improved types when using strict mode with TypeScript. ## Ping (ForgeRock) SDK for JavaScript 4.0.0 May 23, 2023 `major` **Added** * Added the ability to [provide a device name when registering WebAuthN devices](../../sdks/use-cases/web-biometrics/handling-web-biometrics.html). **Changed** * Updated ESModule (ESM) bundle. * Updated tags in the GitHub repo to be prefixed with the package name. For example, `javascript-sdk-${tag}`. * Inserted a `prompt=none` parameter into OAuth 2.0 calls to the `/authorize` endpoint to prevent console error about frames. **Incompatible changes** * No longer provides Universal Module Definition (UMD) support * Updated Policy types * Removed duplicate modules For more information, refer to [Incompatible changes](../breaking/breaking-changes.html#JS400). **Deprecated** * JavaScript `support` configuration property deprecated. For more information, refer to [Deprecations](../deprecations/deprecations.html#dep-JS400). ## Ping (ForgeRock) SDK for JavaScript 3.4.0 October 10, 2022 `minor` **Changed** * Fixed HTTP headers by capitalizing all header names * Added support for `TextInput` callback * Updated device profile collection code: * Added optional chaining to protect object checks in both browser and node environments * Changed usage of `window.crypto` to `globalThis.crypto` to improve compatibility ## Ping (ForgeRock) SDK for JavaScript 3.3.0 April 25, 2022 `minor` **Added** * Added Angular sample app. * Added token threshold feature.