Change log


PingOne for Customers API updates

The following changes have been made to the PingOne for Customers API.

Contract change date Contract change description
03/31/2020 The platform now supports configuration of sign-on policies to determine whether MFA is required for authentication requests detected as having high-risk IP reputation and geovelocity anomalies. See the geovelocity and IP reputation Condition variables on the Sign-on policy actions page.
03/31/2020 From Mobile SDK v1.2.0, the platform includes the ability to get logs from authenticating user mobile devices for investigation and support. See Devices API operations on the Devices page.
03/31/2020 From Mobile SDK v1.2.0, the platform includes the ability to send logs from authenticating user mobile devices to the PingOne for Customer server, for investigation and support.
03/31/2020 From Mobile SDK v1.2.0, the platform supports automatic device authentication. See PingOne Mobile SDK flows.
03/13/2020 The platform now includes an identity propagation API that provides for configurable and audit-capable propagation of identities and their attributes between identity stores owned or managed by a customer. For more information, see Identity propagation.
03/11/2020 The platform now includes an identity provider discovery login flow that initiates actions to identify the user and determine the applicable authentication methods for this user. For more information, see Identity first action and Get a flow.
03/11/2020 The platform now includes a progressive profiling authentication flow that prompts users to provide additional data at sign on. For more information, see Progressive profiling action and Submit profile data.
02/19/2020 The set password action now includes an optional bypassPolicy property that specifies whether the user’s password policy should be ignored. For more information, see Set password.
02/10/2020 The platform now includes an endpoint to view and license capabilities. For more information, see Capabilities.
01/13/2020 The platform now includes an endpoint to view and update the name property value for a license. For more information, see Licensing.
12/17/2019 The platform now supports a token introspection endpoint. For more information, see Token introspection.
12/10/2019 The platform now supports password policy customization. For more information, see Password policies.
12/10/2019 The platform now supports configuration of a Proof Key for Code Exchange (PKCE) authorization workflow. For more information, see OpenID Connect/OAuth 2 and Configure a PKCE authorization workflow.
12/10/2019 The platform now supports custom domains. For more information, see Custom domains.
12/10/2019 The platform now includes endpoints to manage LinkedIn external identity provider configurations. For more information, see Identity providers.
12/10/2019 The platform now includes endpoints to customize ID tokens for a OIDC applications. For more information, see Attribute mapping.
12/09/2019 The Mobile SDK supports automatic enrollment through OIDC authentication.
10/10/2019 The Mobile SDK sample app for Android now has notification banners.
10/10/2019 The Mobile SDK Android component dependencies have been updated: the Nimbus library has been replaced by Jose4J. See Pingone for Customers Mobile SDK > Android > Set up a mobile app using the PingOne SDK sample code > Add the PingOne SDK component into your existing project.
10/10/2019 The iOS Mobile SDK API now requires Swift 5.1. See Pingone for Customers Mobile SDK > iOS > Set up a mobile app using the PingOne SDK sample code > Xcode integration for software prerequisites.
10/10/2019 Logs appeared in the Android developer console. This has been resolved so that they no longer appear. (P14CMFA-3242)
10/03/2019 The platform now includes endpoints to view authentication statistics on a per application basis. For more information, see Authentications per application.
08/30/2019 The platform now includes endpoints to manage Google external identity provider configurations. For more information, see Identity providers.
08/30/2019 The platform now supports access token customization. For more information, see Access token customization.
08/19/2019 The platform now includes a basic password policy to allow for maximum customer flexibility. For more information, see Password policies.
08/14/2019 Sign-on policy action condition attributes now require camelCase syntax for attribute names (for example, ipRange, secondsSince). For more information, see Sign-on policy actions.
07/31/2019 The platform now supports the refresh_token grant type. For more information, see Grant types and Obtain an access token.
07/31/2019 The platform now supports a mobile SDK that allows developers to send push notifications to custom mobile applications for multi-factor authentication (MFA). For more information, see Pairing keys, Android PingOne Mobile SDK API, and iOS PingOne Mobile SDK API.
07/31/2019 The following template IDs (see Notifications templates) have changed:
  • offline_pairing has been renamed to device_pairing
  • offline_authentication has been renamed to strong_authentication
Calls to the GET /environments/{envId}/templates endpoint will return the new template IDs, instead of the old ones. The deprecated offline_pairing and offline_authentication template IDs are still supported for backward compatibility, but will be unsupported at a future date.
07/02/2019 The platform now includes endpoints to manage external identity provider configurations that enable social login and inbound SAML login features in PingOne for Customers. It also includes endpoints to manage a user’s links to external identity provider accounts. For more information, see Identity providers and Linked accounts.
6/25/2019 The platform now includes endpoints to get information about the licenses associated with an organization. For more information, see Licensing.
6/25/2019 The platform now includes endpoints to get information about active identity counts and total identity counts. For more information, see Active identity counts and Total identities.
06/13/2019 The file import feature is temporarily disabled. It will be enabled in a future release.
04/15/2019 The platform now supports a passwordless authentication flow. For more information, see Sign-on with a username and Activity - Create a passwordless sign-on policy.
04/01/2019 PATCH requests that modify custom JSON user attributes are replaced completely. For more information, see Users: Partial update.
04/01/2019 Sign on policy actions now support a policy condition language that allows both logical and data rules to construct a policy condition statement. For more information, see Sign-on policy action conditions.
03/25/2019 Platform scopes, such as p1:read:env:user, p1:create:env:device, and p1:update:env:population, have been removed. In order to access platform APIs, you must create a new WORKER application type. For more information, see API Update: Scope Naming Change and New Application Type.
03/25/2019 Scopes with “self” in the name have been renamed. Example: p1:reset:self:userPassword is now p1:reset:userPassword. For more information, see API Update: Scope Naming Change and New Application Type.
03/01/2019 The SAML attribute mappings data model now includes a mappingType attribute to identify CORE, SCOPE and CUSTOM mapping types. For more information, see Attribute mapping.
02/18/2019 The following templates are available for use with notifications templates: verification_code_template, recovery_code_template, offline_authentication, and offline_pairing. For more information, see Notifications templates and Notifications settings.
01/28/2019 The flow service no longer uses the /step/{stepId} sub-resource, and it no longer shows multiple statuses and nested embedded resources. The status property in the flow response contains all information about the flow’s current state. For more information, see Flows.
01/22/2019 Audit reporting supports a POST operation to retrieve audit events without exposing sensitive or personal filtering information in a GET request URL. The required SCIM filtering expression is specified in the POST request body. For more information, see Get audit activities using POST.
01/21/2019 The data model for SAML application settings requires a leading dollar sign ($) when specifying the expression in the value attribute. For example, "value": "${user.username}". For more information, see Applications SAML settings data model.
01/11/2019 The GET /environments/{environmentId}/activities endpoint no longer supports the in (includes) SCIM operator. For more information, see Audit activities and events.

More information

For more information about PingOne for Customers product updates, see Announcements.