Ping SDKs

What’s New

Subscribe to get automatic updates:

SDKs Renamed
Prior to November 2024, the Ping SDKs were known as the ForgeRock SDKs.

Latest updates

SDK for Android 4.7.0 released NEW

11 February, 2025

A new version of the ForgeRock SDK for Android is now available with improvements and fixes over earlier versions:


11 February, 2025

A new version of the ForgeRock SDK for iOS is now available with improvements and fixes over earlier versions:


SDK for JavaScript 4.7.0 released NEW

11 February, 2025

A new version of the SDK for JavaScript is now available with improvements and fixes over earlier versions:

Added

Changed

  • Prioritized displayName field over userName when saving a WebAuthn or passkey to an account. Previously the SDK displayed a UUID for saved credentials rather than the user’s name.


16 December, 2024

The first version of the DaVinci client for Android, iOS and JavaScript is now available.

The Ping SDK DaVinci clients are constantly evolving to meet your business needs.

Check back from time to time on latest updates and enhancements.

  • Supports the Custom HTML Template capability of the HTTP Connector.

  • Supports the following fields:

    • Text field

    • Password field

    • Submit button

    • Flow button

    To learn more, refer to Supported DaVinci fields.

  • Follow the DaVinci client tutorials to quickly setup a demo app to connect to your DaVinci flows.

  • Read how to configure the DaVinci client to leverage DaVinci flows in your native or single-page apps.


SDK for Android 4.6.0 released

17 October, 2024

A new version of the ForgeRock SDK for Android is now available with improvements and fixes over earlier versions:

  • Added the ability to customize how the ForgeRock SDK stores tokens and data.

    To learn more, refer to Customizing storage.

  • Added support for Android App Links that use the http/https scheme for redirect URIs in centralized login apps.

    To learn more, refer to Using centralized login.

  • Added support for Android 15.

  • Added support for the PingOne Protect Marketplace nodes.


SDK for iOS 4.6.0 released

17 October, 2024

A new version of the ForgeRock SDK for iOS is now available with improvements and fixes over earlier versions:

  • Added support for the PingOne Protect Marketplace nodes.

  • Exposed the realm, success URL and failure URL values within Token.

  • Added client-side support for the upcoming ReCaptchaEnterpriseCallback callback.


SDK for JavaScript 4.6.0 released

17 October, 2024

A new version of the ForgeRock SDK for JavaScript is now available with improvements and fixes over earlier versions:

  • Added centralized login support for PingFederate servers.

  • Added client-side support for the upcoming ReCaptchaEnterpriseCallback callback.

  • Added support for the PingOne Protect Marketplace nodes.


SDK for Android 4.5.0 released

9 July, 2024

A new version of the ForgeRock SDK for Android is now available with improvements and fixes over earlier versions:


SDK for iOS 4.5.0 released

9 July, 2024

A new version of the ForgeRock SDK for iOS is now available with improvements and fixes over earlier versions:


Ping (ForgeRock) Login Widget 1.3.0 released NEW

30 May, 2024

A new version of the ForgeRock SDK for JavaScript is now available with improvements and fixes over earlier versions:

  • Added support for integration with PingOne Protect.

  • Added the name of the device to the recovery codes page.


SDK for JavaScript 4.4.2 released

15 May, 2024

A new version of the ForgeRock SDK for JavaScript is now available with improvements and fixes over earlier versions:

  • Added a logoutRedirectUri parameter to the FRUser.logout() method.

    Add the parameter to invoke a redirect flow, for revoking tokens and ending sessions created by a PingOne server.

    To learn more, follow the JavaScript tutorial for PingOne.

  • Added a platformHeader configuration property to control whether the SDK adds the X-Requested-Platform header to all outgoing connections.


SDK for iOS 4.4.1 released

25 April, 2024

A new version of the ForgeRock SDK for iOS is now available with improvements and fixes over earlier versions:


SDK for iOS 4.4.0 released

4 April, 2024

A new version of the ForgeRock SDK for iOS is now available with improvements and fixes over earlier versions:


SDK for Android 4.4.0 released

28 March, 2024

A new version of the ForgeRock SDK for Android is now available with improvements and fixes over earlier versions:


SDK for JavaScript 4.4.0 released

13 March, 2024

A new version of the ForgeRock SDK for JavaScript is now available with improvements and fixes over earlier versions:

  • Added a new module for future integration with PingOne Protect.

  • Added the ability to include the supplied device name when displaying recovery codes.

    Learn more at Using the device name.

  • Added the ability to use values from an OpenID Connect .well-known URL to automatically configure the SDK paths.

    This simplifies using the SDKs with OIDC-compliant identity providers, such as PingOne.

    For more information, refer to the ForgeRock SDK for JavaScript PingOne tutorial.


SDK for Android 4.3.1 released

9 February, 2024

A new version of the ForgeRock SDK for Android is now available with improvements and fixes over earlier versions:

  • Fixed an SDK crash during device binding on Android 9 devices.


Ping (ForgeRock) Login Widget 1.2.1 released

8 January, 2024

A new version of the Ping (ForgeRock) Web Login Framework is now available with improvements and fixes over earlier versions:

  • Support for CAPTCHA nodes.


SDK for JavaScript 4.3.0 released

4 January, 2024

A new version of the ForgeRock SDK for JavaScript is now available with improvements and fixes over earlier versions:

  • Added ability to override default prefix string given to storage keys.

    For more information, refer to prefix in the ForgeRock SDK for JavaScript Properties.

  • Added an FRQRCode utility class to determine if a step has a QR code and handle the data to display.

    For more information, refer to Set up QR code handling.


SDK for Android 4.3.0 released

28 December, 2023

A new version of the ForgeRock SDK for Android is now available with improvements and fixes over earlier versions:

  • Added ability to customize cookie headers in outgoing requests from the SDK.

  • Added ability to add custom claims when verifying signatures from bound devices.

  • Added client-side support for the upcoming AppIntegrity callback.


SDK for iOS 4.3.0 released

28 December, 2023

A new version of the ForgeRock SDK for iOS is now available with improvements and fixes over earlier versions:

  • Added client-side support for the upcoming AppIntegrity callback.

  • Added a new ephemeralAuthSession browser type for iOS13 and later.

  • Added iat and nbf claims to the device binding JWS payload.

  • Added ability to insert custom claims when performing device signing verification.

  • Updated the detection of Jailbreak status.


SDK for Android 4.2.0 released

3 October, 2023

A new version of the ForgeRock SDK for Android is now available with improvements and fixes over earlier versions:

  • Added Gradle 8 and JDK 17 support.

  • Added Android 14 support.

  • Added verification of key pairs during device binding enrollment by using Google Key Attestation.

  • Added issued at (iat) and not before (nbf) claims to JSON Web tokens used for device binding and signing verification.


Token Vault 4.2.0 released

11 September, 2023

A new version of the Token Vault is now available with improvements and fixes over earlier versions:

  • Added a requirement to declare a list of URLs in the Token Vault Proxy configuration. These generate an allowlist of origins to which the proxy can forward requests.


SDK for JavaScript 4.2.0 released

11 September, 2023

A new version of the ForgeRock SDK for JavaScript is now available with improvements and fixes over earlier versions:

  • Added a logLevel configuration property to specify the level of logging the SDK performs.

  • Added a customLogger configuration property to specify a replacement for the native console.log that the SDK uses by default.

    For example, you could write a replacement that captures SDK log output to services such as Relic or Rocket.


SDK for Android 4.1.0 released

31 July, 2023

A new version of the ForgeRock SDK for Android is now available with improvements and fixes over earlier versions:

  • Added support for interceptors in the authenticator module

  • Added an interface for refreshing access tokens

  • Added support for policy advice from IG in JSON format


SDK for iOS 4.1.0 released

28 July, 2023

A new version of the ForgeRock SDK for iOS is now available with improvements and fixes over earlier versions:

  • Added support for interceptors in the authenticator module.

  • Added support for mfauth deep links in the authenticator sample app.

  • Added an interface for refreshing access tokens.

  • Added support for policy advice from IG in JSON format.


Token Vault 4.1.2 released

24 July, 2023

Token Vault provides an additional layer of security for storing and using OAuth 2.0 and OpenID Connect 1.0 tokens in your JavaScript single-page applications (SPAs).

Implemented as a plugin for the ForgeRock SDK for JavaScript, Token Vault provides a feature called origin isolation.


SDK for JavaScript 4.1.2 released

20 July, 2023

A new version of the ForgeRock SDK for JavaScript is now available with improvements and fixes over earlier versions:

  • Added support in preparation for upcoming Token Vault.


Ping (ForgeRock) Login Widget 1.1.0 released

17 July, 2023

A new version of the Ping (ForgeRock) Web Login Framework is now available with improvements and fixes over earlier versions:

  • Support for device profiling callbacks (DeviceProfileCallback)

  • Support for web authentication (WebAuthn) journeys and trees.


SDK for JavaScript 4.1.1 released

29 June, 2023

A new version of the ForgeRock SDK for JavaScript is now available with improvements and fixes over earlier versions:

  • Added support in the HTTPClient for receiving transactional authorization advice in JSON format.


SDK for iOS 4.0.0 released

9 June, 2023

A new version of the ForgeRock SDK for iOS is now available with improvements and fixes over earlier versions:

This release contains changes that could affect the functionality of your app.


SDK for Android 4.0.0 released

30 May, 2023

A new version of the ForgeRock SDK for Android is now available with improvements and fixes over earlier versions:

This release contains changes that could affect the functionality of your app.


SDK for JavaScript 4.0.0 released

23 May, 2023

A new version of the ForgeRock SDK for JavaScript is now available with improvements and fixes over earlier versions:

This release contains changes that could affect the functionality of your app.

Refer to the following pages for details:


Ping (ForgeRock) Login Widget 1.0.0 released

18 April, 2023

The Ping (ForgeRock) Login Widget is an all-inclusive UI component to help you add authentication, user registration, and other self-service journeys into your web applications.

The Ping (ForgeRock) Login Widget uses the Ping SDK for JavaScript internally, and adds a user interface and state management. This rendering layer helps eliminate the need to develop and maintain the UI components for providing complex authentication experiences.

Release timeline

Key:

N.N.N = Latest version

Release date Platform SDK version Release type(1)

2025-FEB-11

Android

4.7.0

Minor

2024-FEB-11

iOS

4.7.0

Minor

2025-FEB-11

JavaScript

4.7.0

Minor

2024-DEC-16

DaVinci client

1.0.0

Major

2024-OCT-17

Android

4.6.0

Minor

2024-OCT-17

iOS

4.6.0

Minor

2024-OCT-17

JavaScript

4.6.0

Minor

2024-JUL-11

Android

4.5.0

Minor

2024-JUL-11

iOS

4.5.0

Minor

2024-JUN-05

Login Widget

1.3.0

Minor

2024-MAY-15

JavaScript

4.4.2

Patch

2024-APR-25

iOS

4.4.1

Patch

2024-APR-04

iOS

4.4.0

Minor

2024-MAR-28

Android

4.4.0

Minor

2024-MAR-13

JavaScript

4.4.0

Minor

2024-FEB-09

Android

4.3.1

Patch

2024-JAN-08

Login Widget

1.2.1

Minor

2024-JAN-04

JavaScript

4.3.0

Minor

2023-DEC-28

Android

4.3.0

Minor

2023-DEC-28

iOS

4.3.0

Minor

2023-JUL-31

Android

4.2.0

Minor

2023-SEP-11

Token Vault

4.2.0

Minor

2023-SEP-11

JavaScript

4.2.0

Minor

2023-JUL-31

Android

4.1.0

Minor

2023-JUL-28

iOS

4.1.0

Minor

2023-JUL-24

Token Vault

4.1.2

Major

2023-JUL-20

JavaScript

4.1.2

Patch

2023-JUL-17

Login Widget

1.1.0

Minor

2023-JUN-29

JavaScript

4.1.1

Patch

2023-JUN-09

iOS

4.0.0

Major

2023-MAY-30

Android

4.0.0

Major

2023-MAY-23

JavaScript

4.0.0

Major

2023-APR-18

Login Widget

1.0.0

Major

2022
Release date Platform SDK version Release type(1)

2022-NOV-15

iOS

3.4.1

Patch

2022-OCT-10

JavaScript

3.4.0

Minor

2022-SEP-29

Android

3.4.0

Minor

2022-SEP-22

iOS

3.4.0

Minor

2022-JUN-22

Android

3.3.3

Patch

2022-JUN-21

Android

3.3.2

Patch

2022-JUN-20

iOS

3.3.2

Patch

2022-JUN-08

iOS

3.3.1

Patch

2022-MAY-19

iOS

3.3.0

Minor

2022-MAY-18

Android

3.3.0

Minor

2022-APR-25

JavaScript

3.3.0

Minor

2022-JAN-27

iOS

3.2.0

Minor

2022-JAN-26

Android

3.2.0

Minor

2021
Release date Platform SDK version Release type(1)

2021-NOV-17

iOS

3.1.1

Patch

2021-OCT-28

Android

3.1.2

Patch

2021-SEP-25

iOS

3.1.0

Minor

2021-SEP-09

Android

3.1.1

Patch

2021-MAY-24

All

3.0.0

Major

2020
Release date Platform SDK version Release type(1)

2020-DEC-18

All

2.2.0

Minor

2020-AUG-21

All

2.1.0

Minor

2020-JUN-30

All

2.0.0

Major

2019
Release date Platform SDK version Release type(1)

2019-DEC-10

All

GA.12.10.2019

Technology Preview

2019-OCT-21

All

Beta.10.21.2019

Technology Preview

(1) For details about the scope of expected changes for different release types, see Interface stability.

SDK for Android changelog

Subscribe to get automatic updates:

Android SDK 4.7.0

February 11, 2025

Added

  • Added support for user profile self-service. [SDKS-3408]

  • Added support for managing registered devices.

  • Added support for signing-out of PingOne with an ID token. [SDKS-3423]

Updated

  • Improved compatibility with certain devices by implementing a fallback mechanism that uses asymmetric key generation if symmetric key generation in the AndroidKeyStore fails. [SDKS-3467]

Fixed

  • Fixed an issue that caused duplicate PUSH notifications in the Authenticator module. [SDKS-3533]

Android SDK 4.6.0

October 17, 2024

Added

  • Added support for Android 15. [SDKS-3098]

  • Added the ability to customize how the SDK stores tokens and data. [SDKS-3378]

  • Added support for Android App Links that use the http/https scheme for redirect URIs in centralized login apps. [SDKS-3433]

  • Added support for the PingOne Protect Marketplace nodes. [SDKS-3297]

  • Exposed the realm and success URL values within SSOToken. [SDKS-3351]

  • Added client-side support for the upcoming ReCaptchaEnterpriseCallback callback. [SDKS-2499]

Updated

  • Updated the SDK to ignore any type 4 TextOutputCallback callbacks, as these contain JavaScript that Android cannot execute. [SDKS-3227]

Fixed

  • Fixed a potential ServiceConnection leak in CustomTabManager. [SDKS-3346]

Android SDK 4.5.0

July 12, 2024

Added

  • Added support for signing off from PingOne to the centralized login flow. [SDKS-3020]

  • Added the ability to dynamically configure the SDK by collecting values from the server’s OpenID Connect .well-known endpoint. [SDKS-3022]

Fixed

  • Resolved security vulnerability warnings related to the commons-io-2.6.jar and bcprov-jdk15on-1.68.jar libraries. [SDKS-3072, SDKS-3073]

  • Fixed a NullPointerException in the centralized login flow. [SDKS-3079]

  • Improved multi-threaded performance when caching access tokens. [SDKS-3104]

  • Synchronized the encryption and decryption block to avoid keystore crashes. [SDKS-3199]

  • Fixed an issue related to handling HiddenValueCallback if isMinifyEnabled is set to true. [SDKS-3201]

  • Fixed an issue where device binding using an application PIN was failing when Arabic language was used. [SDKS-3221]

  • Fixed an issue where browser sessions were not properly signed out when a non-default browser was used in centralized login. [SDKS-3276]

  • Fixed an unexpected behavior in the authentication flow caused by AppAuthConfiguration settings being ignored during centralized login. [SDKS-3277]

  • Fixed the FRUser.revokeAccessToken() method to not end the user’s session during the centralized login flow. [SDKS-3282]

Android SDK 4.4.0

March 28, 2024

Added

  • Added a new module for integration with PingOne Protect. [SDKS-2900]

  • Added support for the TextInput callback. [SDKS-545]

  • Added an interface for customizing the biometric UI prompts when device binding or signing. [SDKS-2991]

  • Added x-requested-with: forgerock-sdk and x-requested-platform: android immutable HTTP headers to each outgoing request. [SDKS-3033]

Fixed

  • Addressed a null pointer exception during centralized login by using ActivityResultContract in place of the deprecated onActivityResult method. [SDKS-3079]

  • Addressed nimbus-jose-jwt:9.25 library security vulnerability (CVE-2023-52428). [SDKS-2988]

Android SDK 4.3.1

February 9, 2024

Fixed

  • Fixed an issue where the SDK crashes during device binding on Android 9 devices. [SDKS-2948]

Android SDK 4.3.0

December 28, 2023

Added

  • Added ability to customize cookie headers in outgoing requests from the SDK. [SDKS-2780]

  • Added ability to add custom claims when verifying signatures from bound devices. [SDKS-2787]

  • Added client-side support for the upcoming AppIntegrity callback. [SDKS-2631]

Updated

  • The SDK now uses auth-per-use keys for Device Binding. [SDKS-2797]

  • Improved handling of WebAuthn cancellations. [SDKS-2819]

  • The forgerock_url, forgerock_realm, and forgerock_cookie_name parameters are now mandatory when dynamically configuring the SDK. [SDKS-2782]

  • Addressed woodstox-core:6.2.4 library security vulnerability CVE-2022-40152. [SDKS-2751]

Android SDK 4.2.0

October 3, 2023

Added

  • Added Gradle 8 and JDK 17 support. [SDKS-2451]

  • Added Android 14 support. [SDKS-2636]

  • Added verification of key pairs during device binding enrollment by using Google Key Attestation. [SDKS-2412]

  • Added issued at (iat) and not before (nbf) claims to JSON Web tokens used for device binding and signing verification. [SDKS-2747]

Android SDK 4.1.0

July 31, 2023

Added

  • Added support for interceptors in the authenticator module. [SDKS-2544]

  • Added an interface for refreshing access tokens. [SDKS-2567]

  • Added support for policy advice from IG in JSON format. [SDKS-2240]

Fixed

  • Fixed an issue with parsing the issuer value in the URI provided by the combined MFA registration node. [SDKS-2542]

  • Added an error message about duplicated accounts while using the combined MFA registration node. [SDKS-2627]

  • Fixed an issue that caused loss of WebAuthn credentials when upgrading the SDK from 4.0.0-beta4 to newer versions. [SDKS-2576]

Android SDK 4.0.0

May 30, 2023

Added

  • Upgraded the Google Fido client to support Passkeys. [SDKS-2243]

  • Added the FRWebAuthn interface to remove WebAuthn reference keys. [SDKS-2272]

  • Added an interface to specify a device name during WebAuthn registration. [SDKS-2296]

  • Added DeviceBinding callback support. [SDKS-1747]

  • Added DeviceSigningVerifier callback support. [SDKS-2022]

  • Added support for combined MFA registration in the Authenticator SDK. [SDKS-1972]

  • Added support for enforcing policies in the Authenticator SDK. [SDKS-2166]

Fixed

  • Fixed WebAuthn authentication on devices that use a full-screen biometric prompt. [SDKS-2340]

  • Fixed functionality of the NetworkCollector method. [SDKS-2445]

Incompatible changes

  • Removed support for native single sign-on (SSO).

  • Changed the signature for a number of methods.

For more information, refer to Incompatible changes.

Android SDK 3.4.0

September 29, 2022

Added

  • Dynamic SDK Configuration. [SDKS-1759]

  • Android 13 support. [SDKS-1944]

Changed

  • Changed activity type used as parameter in PushNotification.accept. [SDKS-1968]

  • Updated deserialization of objects to use a class allowlist to prevent access to untrusted data. [SDKS-1818]

  • Updated the Authenticator module and sample app to handle the new POST_NOTIFICATIONS permission in Android 13. [SDKS-2033]

  • Fixed an issue where the DefaultTokenManager was not caching the AccessToken in memory upon retrieval from Shared Preferences. [SDKS-2066]

  • Deprecated the forgerock_enable_cookie configuration. [SDKS-2069]

  • Align forgerock_logout_endpoint configuration name with the Ping SDK for iOS. [SDKS-2085]

  • Allow leading slash on custom endpoint path. [SDKS-2074]

  • Fixed bug where the state parameter value was not being verified upon calling the Authorize endpoint. [SDKS-2078]

Android SDK 3.3.3

June 22, 2022

Changed

  • Updated the version of the com.squareup.okhttp3 library in the SDK to 4.10.0 [SDKS-1957]

Android SDK 3.3.2

June 21, 2022

Added

  • Interface for log management [SDKS-1864]

Android SDK 3.3.0

May 18, 2022

Added

  • Support SSL pinning [SDKS-80]

  • Restore session token when it is out of sync with the session token that bound with the access token [SDKS-1664]

  • Session token should be included in the header instead of request parameter for /authorize endpoint [SDKS-1670]

  • Support to broadcast logout event to clear application tokens when user logout the app [SDKS-1663]

  • Obtain timestamp from new PushNotification payload [SDKS-1666]

  • Add new payload attributes to the PushNotification [SDKS-1776]

  • Allow processing of push notifications without device token [SDKS-1844]

Fixed

  • Dispose AuthorizationService when no longer required [SDKS-1636]

  • Authenticator sample app crash after scanning push mechanism [SDKS-1454]

Android SDK 3.2.0

January 26, 2022

Features

  • Google Sign-In Security Enhancement.

  • Fix for WebAuthn Registration & Authentication prompt.

Android SDK 3.1.2

October 28, 2021

Features

  • Disable native SSO when the SDK fails to access the Android AccountManager.

Android SDK 3.1.1

September 09, 2021

Features

  • Support for Android 12.

  • Unlocked device is not required for data decryption.

  • Introduced FRLifecycle interface and exposed interfaces to allow custom native SSO implementation.

SDK for iOS changelog

Subscribe to get automatic updates:

iOS SDK 4.7.0

February 11, 2025

Added

  • Added support for user profile self-service. [SDKS-3409]

  • Added support for managing registered devices.

  • Added support for signing-out of PingOne with an ID token. [SDKS-3424]

Updated

  • Updated jailbreak detectors to reduce false-positive detections. [SDKS-3693]

Fixed

  • Fixed an issue that caused duplicate PUSH notifications in the Authenticator module. [SDKS-3533]

iOS SDK 4.6.0

October 17, 2024

Added

  • Added support for the PingOne Protect Marketplace nodes. [SDKS-3296]

  • Exposed the realm, success URL, and failure URL values within Token. [SDKS-3352]

  • Added client-side support for the upcoming ReCaptchaEnterpriseCallback callback. [SDKS-3324]

  • Added support for Device Binding in iOS simulators, by setting Authentication Type in the Device Binding node to None.

Updated

  • Updated the SDK to skip any type 4 TextOutputCallback callbacks, as these contain JavaScript that iOS cannot execute. [SDKS-3226]

  • Made PolicyAdviceCreator public. [SDKS-3349]

Fixed

  • Fixed missing UIKit import issue for SPM. [SDKS-3348]

  • Fixed an issued preventing SSL pinning from working with root certificates. [SDKS-3334]

  • Fixed a build failure because FRCore.swiftmodule is not built for arm64. [SDKS-3347]

iOS SDK 4.5.0

July 12, 2024

Added

  • Added support for signing off from PingOne when using the centralized login flow with OAuth 2.0. [SDKS-3021]

  • Added the ability to dynamically configure the SDK by collecting values from the server’s OpenID Connect .well-known endpoint. [SDKS-3023]

Fixed

  • Fixed issue causing SSL pinning configuration to be ignored in FRURLProtocol class. [SDKS-3239]

  • Removed scope validation from AccessToken initialization. [SDKS-3305]

iOS SDK 4.4.1

April 25, 2024

Added

Updated

Changed

  • Removed storage field from the HardwareCollector class. [SDKS-3086]

iOS SDK 4.4.0

April 4, 2024

Added

  • Added a new module for integration with PingOne Protect. [SDKS-2901]

    • Added support for the TextInput callback. [SDKS-546]

    • Added an interface for customizing the biometric UI prompts when device binding or signing. [SDKS-2990]

    • Added x-requested-with: forgerock-sdk and x-requested-platform: ios immutable HTTP headers to each outgoing request. [SDKS-2997]

Changed

  • Prevented the operation of device binding and signing features on simulators. [SDKS-2995]

iOS SDK 4.3.0

December 15, 2023

Added

  • Added client-side support for the upcoming AppIntegrity callback. [SDKS-2630/SDKS-2761]

  • Added a new ephemeralAuthSession browser type for iOS13 and later. [SDKS-2707]

  • Added iat and nbf claims to the device binding JWS payload. [SDKS-2748]

  • Added ability to insert custom claims when performing device signing verification. [SDKS-2788]

Fixed

  • Fixed an issue where the issuer parameter was not properly parsed when using PingAM 7.2.x. [SDKS-2653]

  • Fixed an issue related to inadequate cache control. [SDKS-2700]

  • Fixed an issue when the sfViewController setting in centralized login had entersReaderIfAvailable set to true. [SDKS-2746]

  • Fixed an issue with the device profile collector that affected phones with multiple sim cards in iOS 16.3 and earlier. [SDKS-2776]

  • Fixed an issue with device binding API access levels. [SDKS-2886]

  • Fixed an issue with removing a userkey from the local device repo. [SDKS-2887]

Updated

  • Updated the detection of Jailbreak status. [SDKS-2796]

  • Improved unit and end-to-end tests. [SDKS-2637]

iOS SDK 4.1.0

July 28, 2023

Added

  • Added support for interceptors in the authenticator module. [SDKS-2545]

  • Added support for mfauth deep links in the authenticator sample app. [SDKS-2524]

  • Added an interface for refreshing access tokens. [SDKS-2563]

  • Added support for policy advice from IG in JSON format. [SDKS-2239]

Fixed

  • Fixed an issue with parsing the issuer value in the URI provided by the combined MFA registration node. [SDKS-2542]

  • Added an error message about duplicated accounts while using the combined MFA registration node. [SDKS-2627]

iOS SDK 4.0.0

June 9, 2023 major

Added

  • Added support for Passkeys. [SDKS-2140]

  • Added DeviceBinding callback support. [SDKS-1748]

  • Added DeviceSigningVerifier callback support. [SDKS-2023]

  • Added support for combined MFA registration in the Authenticator SDK. [SDKS-1972]

  • Added support for enforcing policies in the Authenticator SDK. [SDKS-2166]

  • Added an interface for listing and deleting WebAuthn credentials from the device. [SDKS-2279]

  • Added an interface to specify a device name during WebAuthn registration. [SDKS-2297]

  • Added a SwiftUI quick start example. [SDKS-2405]

Fixed

  • Added error message description to the WebAuthnError enum. [SDKS-2226]

  • Updated the order of presenting the registered WebAuthN keys on the device. [SDKS-2251]

  • Updated Facebook SDK version to 16.0.1. [SDKS-1839]

  • Updated Google SDK version to 7.0.0. [SDKS-2426]

Incompatible changes

  • Changed the signature for a number of methods.

For more information, refer to Incompatible changes.

iOS SDK 3.4.1

November 15, 2022

Changed

  • Updated legacy encryption algorithm used for generation of cryptographic keys stored in Secure Enclave [SDKS-1994]

  • Fixed an issue related to push notifications timeout [SDKS-2164]

  • Fixed an unexpected error occurring during the decoding of some push notifications [SDKS-2199]

iOS SDK 3.4.0

September 22, 2022

Added

  • Dynamic SDK Configuration [SDKS-1760]

  • iOS 16 Support [SDKS-1932]

Changed

  • Fixed build errors on Xcode 14 [SDKS-2073]

  • Fixed bug where the state parameter value was not verified upon calling the Authorize endpoint [SDKS-2077]

iOS SDK 3.3.2

June 20, 2022

Added

  • Interface for log management [SDKS-1863]

Changed

  • Fixed memory leak in the NetworkCollector class [SDKS-1931]

iOS SDK 3.3.1

June 08, 2022

Added

  • Add PushType.biometric support and BiometricAuthentication class for biometric authentication. Updated sample app to handle new Push types [SDKS-1865]

Changed

  • Fixed the bug when refreshing the access token we return the old token [SDKS-1824]

  • Fixed bug when multiple threads are trying to access the same resource in the deviceCollector and ProfileCollector [SDKS-1912]

iOS SDK 3.3.0

May 19, 2022

Added

  • SSL pinning support [SDKS-1627]

  • Obtain timestamp from new push notification payload [SDKS-1665]

  • Add new payload attributes in the push notification [SDKS-1775]

  • Apple Sign In enhancements to get user profile info [SDKS-1632]

Changed

  • Remove "Accept: application/x-www-form-urlencoded" header from /authorize endpoint for GET requests [SDKS-1729]

  • Remove iPlanetDirectoryPro (or session cookie name) from the query parameter, and inject it into the header instead [SDKS-1708]

  • Fix issue when expired push notification displayed as "Approved" in the notification history list [SDKS-1491]

  • Fix issues with registering TOTP accounts with invalid period [SDKS-1405]

iOS SDK 3.2.0

January 27, 2022

Changed

  • Updated GoogleSignIn library to the latest version 6.1.0.

  • FRGoogleSignIn is now available through SPM.

iOS SDK 3.1.1

November 17, 2021

Features

  • Added custom implementation for HTTPCookie for iOS 11+ devices, to support NSSecureCoding for storing cookies.

  • Changed all instances of Archiving/Unarchiving to use NSSecureCoding.

  • SecuredKey initializer now supports passing a Keychain accessibility flag.

  • SecuredKey now has the same default Keychain accessibility flag as the KeychainService ".afterFirstUnlock".

iOS SDK 3.1.0

September 25, 2021

Features

  • Fixed an issue where the MetadataCallback was overriding the stage property of a node.

  • Fixed an issue which was affecting the centralized login feature.

  • Various bug fixes and enhancements for the Authenticator SDK.

SDK for JavaScript changelog

Subscribe to get automatic updates:

SDK for JavaScript 4.7.0

February 11, 2025 minor

Added

  • Added a device client module to manage registered devices.

Changed

  • Prioritized displayName field over userName when saving a WebAuthn or passkey to an account. Previously the SDK displayed a UUID for saved credentials rather than the user’s name.

SDK for JavaScript 4.6.0

October 17, 2024 minor

Added

  • Added centralized login support for PingFederate servers. [SDKS-3250]

  • Added client-side support for the upcoming ReCaptchaEnterpriseCallback callback. [SDKS-3326]

  • Added support for the PingOne Protect Marketplace nodes. [SDKS-3298]

Changed

  • Refactored authorize URL utilities for upcoming DaVinci module. [SDKS-3183]

  • Updated allowed message list to include PingFederate "requires consent" response. [SDKS-3478]

  • Changed the PKCE utility to return a storage function.

SDK for JavaScript 4.4.2

May 15, 2024 patch

Added

  • Added a logoutRedirectUri parameter to the FRUser.logout() method.

    Add the parameter to invoke a redirect flow, for revoking tokens and ending sessions created by a PingOne server.

    To learn more, follow the JavaScript tutorial for PingOne.

  • Added a platformHeader configuration property to control whether the SDK adds the X-Requested-Platform header to all outgoing connections.

Updated

  • Updated the embedded PingOne Signals (Protect) SDK to the latest version.

  • Updated the SDK to import the PingOne Signals (Protect) SDK dynamically and start it with a method call rather than on load.

  • Updated the build system to use Vite.

Fixed

  • Wrapped the PingOne Signals (Protect) SDK to protect it from being called when running server-side.

SDK for JavaScript 4.4.0

March 13, 2024 minor

Added

  • Added a new module for integration with PingOne Protect. [SDKS-2902]

  • Added the ability to include the supplied device name when displaying recovery codes. [SDKS-2536]

  • Added the ability to use the OpenID Connect .well-known endpoint to override the default path configuration. [SDKS-2966]

    This simplifies using the SDKs with OIDC-compliant identity providers, such as PingOne.

    For more information, refer to the Ping SDK for JavaScript PingOne tutorial.

    The SDK is currently unable to revoke PingOne-issued OIDC tokens when using Firefox and Safari, due to third-party cookie restrictions.

  • Added StepOptions type to the public API.

Fixed

  • Fixed a naming collision when using sessionStorage for tokens, state, and PKCE data and performing centralized login. [SDKS-2945]

SDK for JavaScript 4.3.0

January 4, 2024 minor

Added

  • Added ability to override default prefix string given to storage keys.

    For more information, refer to prefix in the Ping SDK for JavaScript Properties.

  • Added an FRQRCode utility class to determine if a step has a QR code and handle the data to display.

    For more information, refer to Set up QR code handling.

Fixed

  • Fixed undefined main and module fields in package.json.

SDK for JavaScript 4.2.0

September 11, 2023 minor

Added

SDK for JavaScript 4.1.2

July 20, 2023 patch

Added

  • Added support in preparation for upcoming Token Vault.

Fixed

  • Fixed an issue with the getTokens() method failing if no parameters are provided and you perform certain down-leveling of code in the build process.

SDK for JavaScript 4.1.1

June 29, 2023 minor

Added

  • Added support in the HTTPClient for receiving transactional authorization advice in JSON format.

Changed

  • Improved types when using strict mode with TypeScript.

SDK for JavaScript 4.0.0

May 23, 2023 major

Added

Changed

  • Updated ESModule (ESM) bundle.

  • Updated tags in the GitHub repo to be prefixed with the package name. For example, javascript-sdk-${tag}.

  • Inserted a prompt=none parameter into OAuth 2.0 calls to the /authorize endpoint to prevent console error about frames.

Incompatible changes

  • No longer provides Universal Module Definition (UMD) support

  • Updated Policy types

  • Removed duplicate modules

For more information, refer to Incompatible changes.

Deprecated

  • JavaScript support configuration property deprecated.

For more information, refer to Deprecations.

SDK for JavaScript 3.4.0

October 10, 2022 minor

Changed

  • Fixed HTTP headers by capitalizing all header names

  • Added support for TextInput callback

  • Updated device profile collection code:

    • Added optional chaining to protect object checks in both browser and node environments

    • Changed usage of window.crypto to globalThis.crypto to improve compatibility

SDK for JavaScript 3.3.0

April 25, 2022 minor

Added

  • Added Angular sample app.

  • Added token threshold feature.

Login Widget changelog

Subscribe to get automatic updates:

Ping (ForgeRock) Login Widget 1.3.0

June 5, 2024 minor

Added

  • Added support for integration with PingOne Protect.

  • Added the name of the device to the recovery codes page.

Fixed

  • Corrected an issue that prevented use of the logLevel parameter in the Ping (ForgeRock) Login Widget configuration.

  • Fixed an issue with configuration literals that caused ZodError messages in the console.


Ping (ForgeRock) Login Widget 1.2.1

January 8, 2024 minor

Added

  • Support for CAPTCHA nodes.


Ping (ForgeRock) Login Widget 1.1

July 17, 2023 minor

Added

  • Support for device profiling callbacks (DeviceProfileCallback)

  • Support for web authentication (WebAuthn) journeys and trees.


Ping (ForgeRock) Login Widget 1.0

April 18, 2023 major

Changed

  • First public release

Token Vault changelog

Subscribe to get automatic updates:

Token Vault 4.2.0

September 11, 2023 minor

Added

  • Added a requirement to declare a list of URLs in the Token Vault Proxy configuration. These generate an allowlist of origins to which the proxy can forward requests.

Token Vault 4.1.2

July 24, 2023 major

Added

  • Initial release of Token Vault.


Compatibility

Supported versions

The Ping SDKs support the following server versions:

  • PingOne

  • PingOne Advanced Identity Cloud

  • PingAM 6.5, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5 and later

  • PingFederate

Supported operating systems and browsers

Select a platform below to view the supported operating systems and browsers.

The Ping SDK for Android supports the following versions of the Android operating system:

  • Android 6.0 (Marshmallow)

  • Android 7.0 / 7.1 (Nougat)

  • Android 8.0.0 / 8.1.0 (Oreo)

  • Android 9 (Pie)

  • Android 10

  • Android 11

  • Android 12

  • Android 13

  • Android 14

  • Android 15

    We are updating how we determine which Android versions form our support policy for the Ping SDK for Android.

    From March 1st, 2025, the support policy is as follows:

    • Every public major release of Android within the last 6 years.

      For example, this would mean support for Android 9 (API level 28) and later versions.

Supported browsers on Android

  • Chrome - Two most recent major versions.

Supported authentication journey callbacks

Callback name Callback description Android iOS JavaScript

AppIntegrity

Collects a generated token from the client to verify the integrity of the app

SDK 4.3

SDK 4.3

BooleanAttributeInputCallback

SDK 2.1

Collects true or false.

ChoiceCallback

Collects single user input from available choices, retrieves selected choice from user interaction.

ConfirmationCallback

Retrieve a selected option from a list of options.

ConsentMappingCallback

SDK 2.0

Prompts the user to consent to share their profile data.

DeviceBinding

Cryptographically bind a mobile device to a user account.

SDK 4.0

SDK 4.0

DeviceProfileCallback

SDK 2.0

Collects meta and/or location data about the authenticating device.

DeviceSigningVerifier

Verify ownership of a bound device by signing a challenge.

SDK 4.0

SDK 4.0

HiddenValueCallback

Returns form values that are not visually rendered to the end user.

KbaCreateCallback SDK 2.0

Collects knowledge-based answers. For example, the name of your first pet.

MetadataCallback (1)

Injects key-value metadata into the authentication process.

For example, the WebAuthn nodes use this callback to return the data the SDK requires to perform authentication and registration.

NameCallback

Collects a username.

NumberAttributeInputCallback

SDK 2.1

Collects a number.

PasswordCallback

Collects a password or one-time pass code.

PingOneProtectEvaluationCallback

SDK 4.4

Collects captured contextual data from the client to perform risk evaluations.

PingOneProtectInitializeCallback

SDK 4.4

Instructs the client to start capturing contextual data for risk evaluations

PollingWaitCallback

Instructs the client to wait for the given period and resubmit the request.

ReCaptchaCallback

Provides data required to use a CAPTCHA in your apps.

(2)

ReCaptchaEnterpriseCallback

Provides data required to use reCAPTCHA Enterprise in your apps.

(2)

SDK 4.6

SDK 4.6

SDK 4.6

RedirectCallback

Redirects the user’s browser or user-agent.

StringAttributeInputCallback

SDK 2.0

Collects the values of attributes for use elsewhere in a tree.

SuspendedTextOutputCallback

SDK 2.1

Pause and resume authentication, sometimes known as "magic links".

TextInputCallback

Collects text input from the end user. For example, a nickname for their account.

SDK 4.4

SDK 4.4

SDK 3.4

TextOutputCallback

Provides a message to be displayed to a user with a given message type.

TermsAndConditionsCallback

SDK 2.0

Collects a user’s acceptance of the configured Terms & Conditions.

ValidatedCreatePasswordCallback

SDK 2.0

Collects a password value with optional password policy validation.

ValidatedCreateUsernameCallback

SDK 2.0

Collects a username value with optional username policy validation.

(1) The WebAuthn Authentication node and the WebAuthn Registration node both use a MetaDataCallback when the Return challenge as JavaScript is NOT enabled.

You must not enable this option when handling WebAuthn journeys with the Ping SDK for Android and iOS.

The Ping SDK for JavaScript handles either the MetaDataCallback or the JavaScript-based payload.

(2) Requires the presence of Google Play Services.

Supported DaVinci fields and collectors

The DaVinci client currently only supports the UI-related HTTP Connector - Custom HTML capability.

DaVinci client field and collector support
Field Collector Description Android iOS JavaScript

Text field

TextCollector

Collects a single text string.

1.0.0

1.0.0

1.0.0

Password field

PasswordCollector

Collects a single text string that cannot be read from the screen.

1.0.0

1.0.0

1.0.0

Submit Button

SubmitCollector

Sends the collected data to PingOne to continue the DaVinci flow.

1.0.0

1.0.0

1.0.0

Flow Button

FlowCollector

Triggers an alternative flow without sending the data collected so far to PingOne.

1.0.0

1.0.0

1.0.0

Limitations

This page lists the known issues and limitations of the Ping SDKs.

SDKs Renamed
Prior to November 2024, the Ping SDKs were known as the ForgeRock SDKs.

All platforms

  • The Ping SDKs do not support authentication chains nor modules.

  • The FRUI module is for prototyping your UI, and is not intended for production use, as-is.

  • As of ForgeRock SDKs 3.0, the Identity Providers supported for social login are limited to Apple, Facebook, and Google.

Ping SDK for Android

  • Displaying CAPTCHAs or using the Ping (ForgeRock) Authenticator module in your application requires the presence of the Google Play Services.

  • The Authenticator module of the Ping SDK for Android only supports Firebase Cloud Messaging service as a Push Notification provider.

  • Social Login requires PingAM 7.1 or the latest version of PingOne Advanced Identity Cloud.

  • Calling FRUser.logout() will only sign out the session from PingAM but not the Social Identity Provider. Every subsequent, social login attempt will automatically log in without asking for credentials.

  • Biometric authentication is only supported on Android 7.0 or newer.

  • Biometric authentication requires PingAM 7.1 or the latest version of PingOne Advanced Identity Cloud.

  • Biometric authentication requires the use of Google Play Services.

  • When a biometric dialog, such as the provide fingerprint dialog, is dismissed, the application may become unresponsive.

  • Biometric authentication does not distinguish individual biometrics (fingerprints or faces), but is limited to any registered for the device’s current user account.

  • As of ForgeRock SDKs 3.0, only platform authenticators can be used for WebAuthn; roaming/USB authenticators, like Yubikey, are not currently supported.

Ping SDK for iOS

  • Data encryption with Secure Enclave is only available for iOS 10+ devices with TouchID or FaceID.

  • DeviceCollector customization is only available in Swift.

  • JailbreakDetector customization is only available in Swift.

  • HiddenValueCallback and SuspendedTextOutputCallback are not accessible in Objective-C.

  • FRAuthenticator SDK is only available in Swift.

  • Social Login requires PingAM 7.1 or the latest version of PingOne Advanced Identity Cloud.

  • Calling FRUser.logout() will only sign out the session from PingAM but not the Social Identity Provider. Every subsequent, social login attempt will automatically log in without asking for credentials.

  • The Google Sign-In SDK is only compatible with CocoaPods (Swift Package Manager is not supported).

  • Sign In With Apple is only supported in iOS 13 and above.

  • Biometric authentication requires PingAM 7.1 or the latest version of PingOne Advanced Identity Cloud.

  • Biometric authentication does not distinguish between individual biometrics (fingerprints or faces), but is limited to the collection of biometrics registered for the device’s current user account.

  • For Biometric authentication, iOS only supports the ES256 signing algorithm, this is configured in the WebAuthn Registration node.

  • For "usernameless" biometric authentication support, "limit registrations" must be disabled within the WebAuthn Registration node.

  • As of ForgeRock SDKs 3.0, only the platform authenticator can be used for WebAuthn; roaming/USB authenticators, like Yubikey, are not supported.

Ping SDK for JavaScript

  • The Ping SDK for JavaScript is currently unable to revoke PingOne-issued OIDC tokens when using Firefox and Safari, due to third-party cookie protection.

  • When resources are protected by PingGateway, the Ping SDK for JavaScript can only support transactional authorization if PingAM and PingGateway are on the same origin.

  • FireFox does not support Touch ID as a WebAuthn device on Mac therefore it limits some WebAuthn node configurations.

  • The SDK requires polyfills to function in IE 11 and Legacy Edge.

  • In WebKit for both macOS and iOS, the "Prevent Cross-site Tracking" option, which is enabled by default, can prevent the SDK from functioning when the app and PingAM are under different origins.

  • Collecting location information requires the user’s system preferences to allow browser access to location information.

  • IndexedDB as a token storage strategy has a known issue with Firefox Private Mode. (Use localStorage as an alternative.)

  • Social login with Apple requires the use of a form POST, so the "Redirect URL" cannot be an SPA as they are unable to handle a POST request; the use of the special PingAM endpoint explained in Set up social login is recommended.

  • Calling FRUser.logout() will only sign out the session from PingAM but not the social identity provider. Every subsequent social login attempt will automatically log in without asking for credentials.

Incompatible changes

Incompatible changes refer to changes that impact existing functionality and might have an effect on your deployment. Before you upgrade, review these lists and make the appropriate changes to your scripts and plugins.

SDKs Renamed
Prior to November 2024, the Ping SDKs were known as the ForgeRock SDKs.

ForgeRock SDK for iOS 4.0.0

Exception changes
  • The FRAClient.updateAccount() method now throws AccountError.accountLocked when attempting to update a locked account.

  • The HOTPMechanism.generateCode() and TOTPMechanism.generateCode() methods now throw AccountError.accountLocked when attempting to get an OATH token for a locked account.

Method signature changes

The signature of the following methods has changed:

WebAuthnRegistrationCallback
Old
public func register(
  node: Node? = nil,
  onSuccess: @escaping StringCompletionCallback,
  onError: @escaping ErrorCallback
)
swift
New
public func register(
  node: Node? = nil,
  window: UIWindow? = UIApplication.shared.windows.first,
  deviceName: String? = nil,
  usePasskeysIfAvailable: Bool = false,
  onSuccess: @escaping StringCompletionCallback,
  onError: @escaping ErrorCallback
)
swift
WebAuthnAuthenticationCallback
Old
public func authenticate(
  node: Node? = nil,
  onSuccess: @escaping StringCompletionCallback,
  onError: @escaping ErrorCallback
)
swift
New
public func authenticate(
  node: Node? = nil,
  window: UIWindow? = UIApplication.shared.windows.first,
  preferImmediatelyAvailableCredentials: Bool = false,
  usePasskeysIfAvailable: Bool = false,
  onSuccess: @escaping StringCompletionCallback,
  onError: @escaping ErrorCallback
)
swift
FacebookSignInHandler
Old
public static func handle(
  _ application: UIApplication,
  _ url: URL,
  _ options: [UIApplication.OpenURLOptionsKey : Any] = [:]
) -> Bool
swift
New
public static func application(
  _ application: UIApplication,
  didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey : Any]? = nil
) -> Bool
swift

In ForgeRock SDK for Android 4.0.0 and later, make calls to the method using:

application(_ application:, didFinishLaunchingWithOptions launchOptions: )

Not the previous call:

application(_ app:, open url:, options:)

ForgeRock SDK for Android 4.0.0

Removed support for native single sign-on (SSO)

The Android platform has deprecated sharedUserId that underpins the ForgeRock SDK for Android native SSO implementation.

This native SSO implementation will not be viable after sharedUserId is removed from the Android platform.

Due to this deprecation, ForgeRock SDK for Android 4.0.0 removes support for Android native single sign-on, as well as the following related changes:

  • AuthenticatorService is removed. Remove <service> from your AndroidManifest.xml file.

  • The ForgeRock SDK for Android no longer requires the following permissions:

    • android.permission.AUTHENTICATE_ACCOUNTS

    • android.permission.GET_ACCOUNTS

    • android.permission.MANAGE_ACCOUNTS

    • android.permission.USE_CREDENTIALS

  • The ForgeRock SDK for Android no longer requires the following configuration properties:

    • forgerock

    • forgerock_account_name

    • forgerock_webauthn_account_name

    • forgerock_webauthn_max_credential

    • forgerock_enable_sso

Method signature changes

The signature of the following methods has changed:

WebAuthnRegistrationCallback
Old
public void register(Node node,FRListener<Void> listener)
java
New
suspend fun register(context: Context, node: Node)
java
WebAuthAuthenticationCallback
Old
public void authenticate(
  @NonNull Fragment fragment,
  @NonNull Node node,
  @Nullable WebAuthnKeySelector selector,
  FRListener<Void> listener
)
java
New
suspend fun authenticate(
  context: Context,
  node: Node,
  selector: WebAuthnKeySelector = WebAuthnKeySelector.DEFAULT
)
java
org.forgerock.android.auth.FRAClient
Old
public boolean updateAccount(@NonNull Account account)
java
New
public boolean updateAccount(@NonNull Account account)
  throws AccountLockException
java
org.forgerock.android.auth.HOTPMechanism
Old
public OathTokenCode getOathTokenCode()
  throws OathMechanismException
java
New
public OathTokenCode getOathTokenCode()
  throws OathMechanismException, AccountLockException
java
org.forgerock.android.auth.OathMechanism
Old
public abstract OathTokenCode getOathTokenCode()
  throws OathMechanismException
java
New
public abstract OathTokenCode getOathTokenCode()
  throws OathMechanismException, AccountLockException
java
org.forgerock.android.auth.TOTPMechanism
Old
public OathTokenCode getOathTokenCode()
  throws OathMechanismException
java
New
public OathTokenCode getOathTokenCode()
  throws OathMechanismException, AccountLockException
java

ForgeRock SDK for JavaScript 4.0.0

No longer provides Universal Module Definition (UMD) support

This version of the ForgeRock SDK for JavaScript does not provide a UMD bundle.

If you require UMD support, you can:

  • Use an earlier version of the ForgeRock SDK for JavaScript, such as 3.4.0.

  • Clone the repository with the latest source code and configure it locally to provide UMD support.

    Support for CommonJS (CJS) and ES Modules (ESM) is not affected and still provided in ForgeRock SDK for JavaScript 4.0.0

Removal of indexedDB token store

The indexedDB option has been removed from the tokenStore configuration property in ForgeRock SDK for JavaScript 4.0.0. The indexedDB option did not offer sufficient functionality or reliability when the browser is using a private or incognito window.

If you are using the indexedDB option after upgrading to ForgeRock SDK for JavaScript 4.0.0 it is ignored and the SDK defaults to using the localStorage option instead. A warning message is output to the browser console.

This change will not affect the functionality of your app.

For more information on options for the token store, refer to Configure the Ping SDKs for Auth Journeys.

Updated Policy types

Updated policy types so that a PolicyRequirement array is output from failedPolicies.

Removed duplicate modules

Removed the FRUI and Event modules from the ForgeRock SDK for JavaScript repository.

These modules were incorrectly duplicated from the forgerock-javascript-sdk-ui repository.

Deprecated

The functionality listed here is deprecated, and likely to be removed in a future release.

Deprecated since Ping SDK for JavaScript 4.0

JavaScript support configuration property

The support configuration property has been removed in Ping SDK for JavaScript 4.0.

This property could be used to change the way the SDK would make requests to the /authorize endpoint in OAuth 2.0 interactions.

If you configured the SDK to use the modern option, you might notice that your app uses the default iframe method to call the /authorize endpoint if you upgrade to this version of the SDK. This technical difference will not negatively impact your app’s user-experience or require any code changes.

If you were using the legacy option or not providing a value for the support property at all, you will likely obtain improvements in latency and a reduction of errors in the logs when upgrading to Ping SDK for JavaScript 4.0.

Interface stability

Interfaces labelled as Evolving in the documentation may change without warning. In addition, the following rules apply:

  • Interfaces that are not described in released product documentation should be considered Internal/Undocumented.

  • Also refer to Deprecated features and Incompatible changes.

Product release levels

Ping Identity defines Major, Minor, Maintenance, and Patch product release levels. The version number reflects release level. The release level tells you what sort of compatibility changes to expect.

Release level definitions
Release Label Version Numbers Characteristics

Major

Version: x[.0.0] (trailing 0s are optional)

  • Bring major new features, minor features, and bug fixes.

  • Can include changes even to Stable interfaces.

  • Can remove previously Deprecated functionality, and in rare cases remove Evolving functionality that has not been explicitly Deprecated.

  • Include changes present in previous Minor and Maintenance releases.

Minor

Version: x.y[.0] (trailing 0s are optional)

  • Bring minor features, and bug fixes.

  • Can include backwards-compatible changes to Stable interfaces in the same Major release, and incompatible changes to Evolving interfaces.

  • Can remove previously Deprecated functionality.

  • Include changes present in previous Minor and Maintenance releases.

Maintenance, Patch

Version: x.y.z[.p]

The optional p reflects a Patch version.

  • Bring bug fixes

  • Are intended to be fully compatible with previous versions from the same Minor release.

Product stability labels

Ping Identity Platform software supports many features, protocols, APIs, GUIs, and command-line interfaces. Some of these are standard and very stable. Others offer new functionality that is continuing to evolve.

Ping Identity acknowledges that you invest in these features and interfaces, and therefore must know when and how Ping Identity expects them to change. For that reason, Ping Identity defines stability labels and uses these definitions in Ping Identity Platform products.

Stability label definitions
Stability Label Definition

Stable

This documented feature or interface is expected to undergo backwards-compatible changes only for major releases.

Changes may be announced at least one minor release before they take effect.

Evolving

This documented feature or interface is continuing to evolve and so is expected to change, potentially in backwards-incompatible ways even in a minor release. Changes are documented at the time of product release.

While new protocols and APIs are still in the process of standardization, they are Evolving. This applies for example to recent Internet-Draft implementations, and also to newly developed functionality.

Legacy

This feature or interface has been replaced with an improved version, and is no longer receiving development effort from Ping Identity.

You should migrate to the newer version, however the existing functionality will remain.

Legacy features or interfaces will be marked as Deprecated if they are scheduled to be removed from the product.

Deprecated

This feature or interface is deprecated, and likely to be removed in a future release.

For previously stable features or interfaces, the change was likely announced in a previous release.

Deprecated features or interfaces will be removed from Ping Identity products.

Removed

This feature or interface was deprecated in a previous release, and has now been removed from the product.

Technology Preview

Technology previews provide access to new features that are considered as new technology that is not yet supported. Technology preview features may be functionally incomplete, and the function as implemented is subject to change without notice.

DO NOT DEPLOY A TECHNOLOGY PREVIEW INTO A PRODUCTION ENVIRONMENT.

Customers are encouraged to test drive the technology preview features in a non-production environment, and are welcome to make comments and suggestions about the features in the associated forums.

Ping Identity does not guarantee that a technology preview feature will be present in future releases, the final complete version of the feature is liable to change between preview and the final version. Once a technology preview moves into the completed version, said feature will become part of Ping Identity Platform.

Technology previews are provided on an “AS-IS” basis for evaluation purposes only, and Ping Identity accepts no liability or obligations for the use thereof.

Internal/Undocumented

Internal and undocumented features or interfaces can change without notice.

If you depend on one of these features or interfaces, contact support to discuss your needs.

Getting support

Ping Identity provides support services, professional services, training, and partner services to assist you in setting up and maintaining your deployments. For a general overview of these services, see https://www.pingidentity.com.

Ping Identity has staff members around the globe who support our international customers and partners. For details on Ping Identity’s support offering, visit https://www.pingidentity.com/support.

Ping Identity publishes comprehensive documentation online:

  • The Ping Identity Knowledge Base offers a large and increasing number of up-to-date, practical articles that help you deploy and manage Ping Identity Platform software.

    While many articles are visible to everyone, Ping Identity customers have access to much more, including advanced information for customers using Ping Identity Platform software in a mission-critical capacity.

  • Ping Identity product documentation, such as this document, aims to be technically accurate and complete with respect to the software documented. It is visible to everyone and covers all product features and examples of how to use them.