With the release of PingFederate 7, we truly have moved the needle in terms of protocol coverage with support of both SCIM and OpenID Connect. But we also added a number of other gems that deserve to go under the spotlight.
OpenID Connect and SCIM (System for Cross-Domain Identity Management) are emerging standards defining new use cases for exposing identity outside of an organization, in a way that's both mobile and API friendly. It's an exciting step for the product.
Beyond these new protocols, however, there's plenty more to love. I'd like to highlight a few additions that have been widely praised by our customer base.
We introduced in PingFederate 6.6 support for authentication rules using adapter selectors to control how a user should authenticate in a given SSO or OAuth transaction. In version 7, we have blown the roof off in terms of flexibility of this feature.
Administrators can now craft richer policies, using a sort of decision tree structure that chains selectors together. In addition, there are new selectors used to form policy around things like what browser the user is using, what application they are requesting and even what permissions a mobile application is requesting.
This feature packs a ton of power and adds many unique options to PingFederate because of its extensive protocol coverage.
We've also made major strides in improving the administrative experience. For starters, we have given the administration console a new clean, modern look. We've added user-friendly features like reminding administrators to replicate their administrative changes within a cluster, and making the idle administrative timeout configurable. That might even help you further comply with your internal security policies. Bonus!
Lastly - we believe that PingFederate has the deepest Microsoft integration of any federation product on the market. We've polished off our Office 365 support with improved Kerberos handling to allow active desktop applications to seamlessly log in users provided they're already authenticated to the domain.
We added WS-Federation metadata support to allow Microsoft claims-aware applications to easily establish federated trust with PingFederate. It might sound like a small addition, but that - along with a few tweaks here and there in our WS-Federation protocol handling - has ensured that applications such as UAG, Dynamics CRM, and Azure ACS work right out of the box with PingFederate 7.
If you haven't already, download PingFederate 7 and explore all there is to love. Full details of what's new and what's changed are covered in our Release Notes