The following changes have been made to the PingOne API.
|Date||Contract change description|
|12/27/2021||The platform now supports configuring the
|12/27/2021||The platform now supports the User Location Anomaly risk predictor. See Risk Predictors.|
|12/23/2021||For authorization requests that return an invalid request object error, the error message now includes additional details about the
|12/17/2021||The image service API now returns a regionalized URL for any new images uploaded. For example, if you are in the EU and use
|12/16/2021||The platform now supports configuration of policies for MFA enrollment and authentication transactions in PingOne Flows.
See Device authentication policies that now supports the following operations:
|12/15/2021||The platform now includes endpoints that initiate and complete an MFA action without requiring a call to the PingOne authorize service. For more information, see MFA Device Authentications.|
|12/15/2021||The platform now supports the ability to configure short codes and toll-free origination numbers to send SMS and voice notifications to recipients in multiple countries.
|12/12/2021||The platform now supports configuration of untrusted sender email addresses at the email notification template content level, when using a custom email sender.
See Content properties.
|12/08/2021||The platform now provides easier integration with custom providers’ remote gateways, including support for dispatching voice notifications.
This implementation uses the
Basic and bearer authentication methods are supported.
See Phone delivery settings.
|12/07/2021||The platform now includes decision endpoints that allow efficient evaluation of policies developed in the PingOneAuthorize Policy Editor Service. For more information, see PingOneAuthorize Policy Decision Service.|
|11/08/2021||The platform now supports a JSON array PATCH action to update targeted elements on a user object. For more information, see UPDATE User (Patch JSON Array).|
|10/25/2021||The notifications settings property,
|10/04/2021||Ping Identity has added a Canada regional data center, that will provide enhanced performance and response on services for Canadian customers accounts hosted on this data center.
Canada data center domains:
|09/30/2021||The platform now supports the Identity Data Read Only Admin role. See Roles.|
|09/30/2021||The platform now supports custom risk predictors. See Risk Predictors.|
|09/2/2021||The platform now supports connecting to external LDAP directories to validate user credentials. See Gateway Management.|
|08/31/2021||The platform now supports configuration of your own provider for dispatching SMS notifications. See Phone delivery settings.
The new POST Create Phone Delivery Settings (SMS) and PUT Update Phone Delivery Settings (SMS) operations use the new custom provider phone delivery settings properties:
Note: This implementation uses the POST operation and non-customizable body and headers. It requires customers to create a gateway that receives these requests in their simple, static format, and translates those requests into their custom provider’s supported SMS format.
|08/12/2021||From MFA Native SDK v1.6.0, the platform supports mobile device integrity checks.
|07/29/2021||The following properties have been added to the risk evaluations details data model:
|07/26/2021||The platform now supports the Credentials Issuance service, enabling you to create custom verifiable credentials for users. See Credentials Issuance.|
|07/14/2021||The platform now supports configuration of your MFA authentication methods according to your security policies, including passcode refresh time (mobile applications), passcode retry attempts, passcode lifetime duration, and device block duration times. See Device authentication policy.|
|06/30/2021||The platform now supports dispatching SMS and voice notifications via your organization’s own Syniverse account in place of Ping Identity’s account or your own Twilio account.
The fallback option uses the
|06/30/2021||The platform now supports pairing a phone number as an MFA method using a voice call OTP, and subsequent voice call OTP authentication notifications to paired phone numbers.
The following new operations were added:
|05/06/2021||The platform now supports just-in-time provisioning of new users who authenticate with a registered authoritative external identity provider. See Identity Provider Management and Users.|
|05/05/2021||The platform now provides the number of OTP attempts remaining in the error message detail as part of the Check One-Time Passcode action and Activate MFA User Device action.|
|04/13/2021||The platform now provides a Risk Advanced Predictors endpoint to include advanced predictor criteria for risk policies. For more information, see Risk Management, Risk Advanced Predictors, and Risk Policies.|
|04/08/2021||If you attempt to create or update a custom content for an existing combination of template,
|03/24/2021||The platform now provides a sign-on policy action that bypasses the PingOne sign-on screen and immediately redirects the user to an external identity provider’s sign-on workflow to authenticate. For more information, see Sign-On Policy Actions and External Authentication.|
|03/19/2021||The platform now provides a user account management endpoint to unlock a user account. For more information, see User Accounts, Users, Sign-On Policy Actions, MFA Settings, and Flows.|
|02/23/2021||The platform now supports the ability to prompt end users with your own legal text during registration and sign on. The platform records a user’s active consent to the document before proceeding with the flow. For more information, see Agreement Management, User Agreement Consents, Sign-On Policy Actions, and Flows.|
|02/23/2021||The platform now supports text and language customization for all end user interfaces and notifications. In this initial release, it supports the new Agreements (terms of service) feature. For more information, see Language Management.|
|02/05/2021||The Active Identity Counts endpoint
|02/03/2021||The platform now supports groups for users. For more information, see Groups.|
|02/03/2021||The platform now includes optional
|02/02/2021||The platform now supports multiple custom contents for each template +
|02/02/2021||The platform now supports a custom notification with the creation of an email or SMS MFA device. For more information, see Custom device pairing notification with device creation.|
|02/1/2021||The platform now includes the PingOne Verify APIs, and the PingOne Verify native SDKs.|
|01/19/2021||The platform now includes endpoints to read and update MFA settings. For more information, see MFA Settings.|
|01/19/2021||The platform includes support for FIDO2 bound biometrics devices and FIDO2 or U2F security key devices. For more information, see FIDO2 Biometrics Devices.|
|01/11/2021||The platform now supports device ordering to create a default active device. For more information, see Device order.|
|01/08/2021||The platform now supports external registration, which provides a sign-on action to register a user using an external identity provider’s registration workflow. For more information, see Flows and Sign-On Policy Actions.|
|12/30/2020||The platform now supports a maximum allowed devices setting for paired devices and a device nickname property used during authentication. For more information, see Maximum allowed devices and Device properties.|
|12/14/2020||The platform now supports risk policy sets and risk evaluations. For more information, see Risk Management.|
|12/14/2020||The platform now supports using the token endpoint so that the client can make a token exchange request to the PingOne authorization server. For more information, see Token Exchange (Gateway Credential).|
|12/03/2020||Notifications content variables are now case insensitive. For more information, see Notifications Templates.|
|10/15/2020||The platform now supports an alerting service that delivers high-level email warnings about resource states. For more information, see Alerting.|
|10/13/2020||The platform now supports a Time-based One-time Password (TOTP) authenticator application device type. For more information, see CREATE MFA User Device (TOTP) and Sign-on Policy Actions.|
|09/29/2020||The platform now supports the PingOne MFA product. For more information, see Getting Started with PingOne MFA.|
|09/22/2020||The platform now supports the ability to select and customize the branding themes that you can apply to your sign-on screens. For more information, see Branding.|
|09/21/2020||The platform now supports self-management access control scopes that allow organizations to specify which user profile attributes are accessible to end users. For more information, see Access services through scopes and roles and Resource scopes.|
|09/14/2020||The platform now includes endpoints to manage Yahoo, Microsoft, GitHub, and PayPal external identity provider configurations. For more information, see Identity providers.|
|07/21/2020||The platform now supports the ability to configure a trusted email domain for each environment. A trusted email domain with its associated email addresses enable PingOne to send emails on your organization’s behalf. For more information see Trusted email domains and Trusted email addresses.|
|07/07/2020||The platform now supports configuration of sign-on policies to determine whether MFA is required for authentication requests detected as originating from an anonymous network such as an unknown VPN, proxy or anonymity communication tool such as Tor. It is possible to exclude specific IP addresses using a whitelist. See the
|06/25/2020||The platform now includes endpoints to manage Apple external identity provider configurations. For more information, see Identity providers.|
|06/24/2020||The platform now includes endpoints to manage Amazon external identity provider configurations. For more information, see Identity providers.|
|06/24/2020||The platform now includes endpoints to manage Twitter external identity provider configurations. For more information, see Identity providers.|
|06/16/2020||The platform now supports despatching SMS notifications via your organization’s own Twilio account in place of Ping Identity’s account. This also allows for the option of falling back to Ping’s account in the event of notification failure, using the new
|06/16/2020||The platform now supports transaction approval when strong authentication is required for elevated security for a high value transaction, or high risk resource or service. This includes use of the new
|06/16/2020||From Native SDK v1.3.0, the platform supports extra verification on device authorization. For more information see the
|05/05/2020||The platform now provides an interface for third-party auditing tools to subscribe to and consume PingOne audit activity events. For more information, see Subscriptions (webhooks).|
|04/30/2020||The platform now supports a token revocation endpoint. For more information, see Token revocation.|
|04/15/2020||The platform now supports an identity-provider initiated SAML authentication single sign-on flow. For more information, see SAML 2.0.|
|04/15/2020||The sign-on policy service now includes an
|04/03/2020||The sign-on policy service now includes a
|04/03/2020||The licenses and capabilities services now include properties that designate whether the license allows the creation of custom domains. For more information, see Licensing and Capabilities.|
|04/03/2020||The flow service has changed so that a session token cookie is set only after the identity of the user has been partially established. For more information, see Identity providers.|
|04/03/2020||The platform now includes endpoints to manage OpenID Connect external identity provider configurations. For more information, see Identity providers.|
|03/31/2020||The platform now supports configuration of sign-on policies to determine whether MFA is required for authentication requests detected as having high-risk IP reputation and geovelocity anomalies. See the geovelocity and IP reputation Condition variables on the Sign-on policy actions page.|
|03/31/2020||From Native SDK v1.2.0, the platform includes the ability to get logs from authenticating user native devices for investigation and support. See Devices API operations on the Devices page.|
|03/31/2020||From Native SDK v1.2.0, the platform includes the ability to send logs from authenticating user native devices to the PingOne server, for investigation and support.|
|03/31/2020||From Native SDK v1.2.0, the platform supports automatic device authentication. See PingOne Native SDK flows.|
|03/13/2020||The platform now includes an identity propagation API that provides for configurable and audit-capable propagation of identities and their attributes between identity stores owned or managed by a customer. For more information, see Identity propagation.|
|03/11/2020||The platform now includes an identity provider discovery login flow that initiates actions to identify the user and determine the applicable authentication methods for this user. For more information, see Identifier first action and Get a flow.|
|03/11/2020||The platform now includes a progressive profiling authentication flow that prompts users to provide additional data at sign on. For more information, see Progressive profiling action and Submit profile data.|
|02/19/2020||The set password action now includes an optional
|02/10/2020||The platform now includes an endpoint to view and license capabilities. For more information, see Capabilities.|
|01/13/2020||The platform now includes an endpoint to view and update the name property value for a license. For more information, see Licensing.|
|12/17/2019||The platform now supports a token introspection endpoint. For more information, see Token introspection.|
|12/10/2019||The platform now supports password policy customization. For more information, see Password policies.|
|12/10/2019||The platform now supports configuration of a Proof Key for Code Exchange (PKCE) authorization workflow. For more information, see OpenID Connect/OAuth 2 and Configure a PKCE authorization workflow.|
|12/10/2019||The platform now supports custom domains. For more information, see Custom domains.|
|12/10/2019||The platform now includes endpoints to manage LinkedIn external identity provider configurations. For more information, see Identity providers.|
|12/10/2019||The platform now includes endpoints to customize ID tokens for a OIDC applications. For more information, see Attribute mapping.|
|12/09/2019||The Native SDK supports automatic enrollment through OIDC authentication.|
|10/10/2019||The Native SDK sample app for Android now has notification banners.|
|10/10/2019||The Native SDK Android component dependencies have been updated: the Nimbus library has been replaced by Jose4J. See Pingone Native SDK > Android > Set up a native app using the PingOne SDK sample code > Add the PingOne SDK component into your existing project.|
|10/10/2019||The iOS Native SDK API now requires Swift 5.1. See Pingone Native SDK > iOS > Set up a native app using the PingOne SDK sample code > Xcode integration for software prerequisites.|
|10/10/2019||Logs appeared in the Android developer console. This has been resolved so that they no longer appear. (P14CMFA-3242)|
|10/03/2019||The platform now includes endpoints to view authentication statistics on a per application basis. For more information, see Authentications per application.|
|08/30/2019||The platform now includes endpoints to manage Google external identity provider configurations. For more information, see Identity providers.|
|08/30/2019||The platform now supports access token customization. For more information, see Access token customization.|
|08/19/2019||The platform now includes a basic password policy to allow for maximum customer flexibility. For more information, see Password policies.|
|08/14/2019||Sign-on policy action condition attributes now require camelCase syntax for attribute names (for example,
|07/31/2019||The platform now supports the
|07/31/2019||The platform now supports a native SDK that allows developers to send push notifications to custom native applications for multi-factor authentication (MFA). For more information, see Pairing keys, Android PingOne Native SDK API, and iOS PingOne Native SDK API.|
|07/31/2019||The following template IDs (see Notifications templates) have changed:
|07/02/2019||The platform now includes endpoints to manage external identity provider configurations that enable social login and inbound SAML login features in PingOne. It also includes endpoints to manage a user’s links to external identity provider accounts. For more information, see Identity providers and Linked accounts.|
|6/25/2019||The platform now includes endpoints to get information about the licenses associated with an organization. For more information, see Licensing.|
|6/25/2019||The platform now includes endpoints to get information about active identity counts and total identity counts. For more information, see Active identity counts and Total identities.|
|06/13/2019||The file import feature is temporarily disabled. It will be enabled in a future release.|
|04/15/2019||The platform now supports a passwordless authentication flow. For more information, see Sign-on with a username and Configure a passwordless sign-on policy.|
|04/01/2019||Sign on policy actions now support a policy condition language that allows both logical and data rules to construct a policy condition statement. For more information, see Sign-on policy action conditions.|
|03/25/2019||Platform scopes, such as
|03/25/2019||Scopes with “self” in the name have been renamed. Example:
|03/01/2019||The SAML attribute mappings data model now includes a
|02/18/2019||The following templates are available for use with notifications templates:
|01/28/2019||The flow service no longer uses the
|01/22/2019||Audit reporting supports a
|01/21/2019||The data model for SAML application settings requires a leading dollar sign ($) when specifying the expression in the
For more information about PingOne product updates, see Announcements.