For a condensed list of all enhancements for this and previous releases, see the “Complete Change List by Released Version” section, which also contains references to additional documentation.
PingFederate now provides an optional configuration to evaluate attributes and other run-time variables for authorization purposes. This feature provides a way to extend access policy by conditionally allowing or disallowing the issuance of relevant security tokens for example, SAML assertion, STS tokens, OAuth access tokens, and session cookies. The Issuance Criteria configuration is available for all PingFederate flows, including:
PingFederate includes REST-based Web services for programmatic management of OAuth clients. The REST API is offered as an alternative to the OAuth client management functionality in the administrative console. The OAuth Client Management API allows you to create, retrieve, update, and delete OAuth clients. In addition, the OAuth Client Management in the administrative console has been enhanced to accommodate a large number of clients with search and pagination functionality.
PingFederate now provides the capability to translate WS-Trust security tokens directly from a configured Token Processor to a Token Generator without requiring the issuance of SAML tokens in a connection. Incoming security token attributes from the token processor are mapped directly to attributes in the issued security token from the appropriate token generator.
Splunk is widely-used enterprise software that allows for monitoring, reporting, and analyzing consolidated log files. Splunk captures and indexes real-time data into a single searchable repository from which reports, graphs, and other data-visualizations can be generated.
PingFederate now provides the Splunk App for PingFederate—a custom Splunk application developed by Ping Identity to process audit log files generated by a PingFederate deployment. The Splunk App for PingFederate provides rich system monitoring and reporting, including the following views: