Administrators can now leverage any SAML identity provider (IdP) to sign into the PingOne SSO for SaaS Apps Admin Portal. Instead of managing local administrator accounts, admins can sign in through their organization's identity provider with roles determined by group membership. Additionally, administrators in both PingOne for Enterprise and PingOne SSO for SaaS Apps can manage email notification settings for certificate alerts.

With OAuth client access now supported, PingOne for Enterprise admins can provide security teams with greater visibility into event data without adding additional admins. Dedicated OAuth clients can be created to retrieve subscription events such as actions, resources, clients and authentication results from the PingOne for Enterprise reporting API.

The PingOne for Enterprise directory now supports the use of all user attributes in SSO attribute mappings, allowing for additional user information to be sent to service providers during SSO. Also, admins can now set a signing certificate as the default for new connections. This streamlines the configuration process for new connections by automatically selecting the default certificate during the setup process.

PingOne SSO for SaaS Apps administrators are now able to update and manage certificates. They now have access to several tools to visualize and manage certificates used by their applications and connected customer identity providers. It allows for more flexibility and control with the ability to create new signing certificates, rotate existing certificates and see which applications and customers are using certificates that are expiring or have expired.

PingOne for Enterprise now supports additional branding and customization options to present a more seamless user experience. All aspects of a user journey can be customized with an organization’s logo and theme. This includes dock, hosted login & password reset, identity provider (IdP) discovery, logout and error screens.

Global Administrators can now delegate the administration of their applications to specific individuals to allow them to manage application configuration, access policy and run application specific transaction reports. These capabilities increase enterprise agility by removing identity as a bottleneck and enabling application self service capabilities for application owners.

Adding applications leveraging the OIDC protocol just got easier, with a setup wizard providing guidance for administrators during configuration. Once admins select the specific OIDC application type to configure, subsequent steps are then tailored to that application type (e.g. web, native, single page). Additionally, OIDC applications registered in PingOne for Enterprise can now be configured with a single logout (SLO) option which enables PingOne to trigger a logout action in the application.

The Salesforce Connector 7.0 allows PingOne for Enterprise customers to build on existing integrations to Salesforce with new support for provisioning to the Salesforce Community Cloud as well as the ability to create connections to custom Salesforce Domains. The release also reduces administrative efforts with the ability to create multiple Salesforce connections in a single PingOne for Enterprise instance and by adding support for the latest version of the Salesforce REST API (v46).

The PingOne for Enterprise AWS provisioner has been updated to support the AWS 2.0 API, including the provisioning of the Password and PasswordResetRequired attributes, as well as for updating the UserName attribute.

Administrators using PingOne Directory or AD connect as their IdP can now customize the branding for login and password reset screens, while those leveraging PingOne Directory can customize branding for self service registration. In addition, administrators can also leverage new SSO reports, which include the ability to filter transactional events by application name instead of viewing all transactions in aggregate. Finally, administrators can now assign multiple groups to administrative roles for the purpose of SSO to the PingOne admin portal from the PingOne dock.