a good thing!
PingOne for Enterprise
The PingOne for Enterprise directory now supports the use of all user attributes in SSO attribute mappings, allowing for additional user information to be sent to service providers during SSO. Also, admins can now set a signing certificate as the default for new connections. This streamlines the configuration process for new connections by automatically selecting the default certificate during the setup process.
PingOne SSO for SaaS Apps administrators are now able to update and manage certificates. They now have access to several tools to visualize and manage certificates used by their applications and connected customer identity providers. It allows for more flexibility and control with the ability to create new signing certificates, rotate existing certificates and see which applications and customers are using certificates that are expiring or have expired.
PingOne for Enterprise now supports additional branding and customization options to present a more seamless user experience. All aspects of a user journey can be customized with an organization’s logo and theme. This includes dock, hosted login & password reset, identity provider (IdP) discovery, logout and error screens.
Global Administrators can now delegate the administration of their applications to specific individuals to allow them to manage application configuration, access policy and run application specific transaction reports. These capabilities increase enterprise agility by removing identity as a bottleneck and enabling application self service capabilities for application owners.
Adding applications leveraging the OIDC protocol just got easier, with a setup wizard providing guidance for administrators during configuration. Once admins select the specific OIDC application type to configure, subsequent steps are then tailored to that application type (e.g. web, native, single page). Additionally, OIDC applications registered in PingOne for Enterprise can now be configured with a single logout (SLO) option which enables PingOne to trigger a logout action in the application.
The Salesforce Connector 7.0 allows PingOne for Enterprise customers to build on existing integrations to Salesforce with new support for provisioning to the Salesforce Community Cloud as well as the ability to create connections to custom Salesforce Domains. The release also reduces administrative efforts with the ability to create multiple Salesforce connections in a single PingOne for Enterprise instance and by adding support for the latest version of the Salesforce REST API (v46).
The PingOne for Enterprise AWS provisioner has been updated to support the AWS 2.0 API, including the provisioning of the Password and PasswordResetRequired attributes, as well as for updating the UserName attribute.
Administrators using PingOne Directory or AD connect as their IdP can now customize the branding for login and password reset screens, while those leveraging PingOne Directory can customize branding for self service registration. In addition, administrators can also leverage new SSO reports, which include the ability to filter transactional events by application name instead of viewing all transactions in aggregate. Finally, administrators can now assign multiple groups to administrative roles for the purpose of SSO to the PingOne admin portal from the PingOne dock.
We eased integration with Azure and ADFS by adding them as new identity provider options. Admins also now have the ability to do attribute mapping as a part of any identity provider setup. For Azure AD, you can also synchronize groups for SSO access control.
Ping Identity is pleased to announce the PingOne for Enterprise Free Trial program. Now you can try our cloud-based IDaaS SSO and directory solution free for 30 days. With PingOne for Enterprise customers can quickly and easily provide secure access to SaaS and cloud applications.
PingOne SSO for SaaS Applications now provides administrators better visibility into their customers’ SSO transactional activity with new summary reports and the ability to filter transactional SSO events by customer tenant or application name.
PingOne for Enterprise eases administration with improved OIDC support. When the default OIDC scopes and claims are insufficient, admins can now define custom scopes and attributes for their apps.
We are pleased to announce PingOne for Customers, an Identity as a Service offering built for developers, that provides API-based identity services for customer-facing apps. It helps large enterprises launch apps faster, replace custom identity services that are difficult to maintain, and facilitate the transition from on-premises deployments to cloud-hosted services.
PingOne for Enterprise eases administration with improved OIDC support. When the default OIDC scopes and claims are insufficient, admins can now define custom scopes and claims (attributes) for their apps.
PingOne for Enterprise (P14E) administrators can now specify optional parameters for the authentication request PingOne sends to an OpenID Provider. Admins can streamline session management and configuration now that the P14E dock shares the same session lifetime as the PingOne SSO session, which can be set to as low as 15 minutes. We also added Turkish language support to the end-user interface.
PingOne for Enterprise introduces significant features to ease administration and improve user experience. The latest release expands the administrative auditing features to now support both partner and PingID use cases, in addition to workforce. We improved administrative ease of use of PingOne as an OIDC relying party by changing the way user attributes are mapped and updating the OIDC application wizard and summary screen. Also, PingOne for Enterprise now provides a more convenient, secure user experience by supporting OIDC Identity Provider single logout (SLO).
The new PingOne GitHub and Lucid Chart Connectors enable enterprises to set up SSO and reduce administrative efforts by offering quick connection templates for provisioning users and groups.
PingOne for Enterprise now supports the OpenID Connect (OIDC) protocol for application integration via code, implicit and hybrid flows. With this integration, OIDC standard-based applications are now treated identically to SAML applications and can be made available on the PingOne dock and selectable in access and authentication policies.
For added security, PingOne for Enterprise adds an option when configuring SAML applications to enable encryption of the SAML response sent from PingOne to the service providers.
From the PingOne admin portal, PingOne for Enterprise administrators now can access and manage their subscriptions for audit streaming, which increases administrator visibility into transactional audit events.
PingOne for Enterprise administrators can now select from two subscription options to receive audit events surrounding end users and their respective authentication events. “Push” subscriptions allow audit events to be continuously streamed to an external service such as Splunk. “Poll” subscriptions allow clients to retrieve event data through an API on an as-needed basis in configurable blocks of records.
If you have an authentication policy in place for your PingOne account, when you add an application to PingOne, you now have the option to require that each time a user accesses the application, they must use multi-factor authentication (MFA).
When you add an application to PingOne for Enterprise and use advanced attribute mapping to map your identity provider attributes to service provider attributes, you'll now find settings for random and hash functions. The hash function takes a literal string or attribute value. The random function generates a random string of a specified length. Both functions optionally hash the string using the selected algorithm (MD5, SHA-1, SHA-256) and encode the string using the selected encoder (hex, base64).
PingOne for Enterprise administrators can now authenticate end users through OpenID Connect identity repositories. In addition, PingOne SSO for SaaS Apps administrators can now manage partner identity repositories, provide access to applications from a private catalog, enable access to a partner PingOne dock and apply MFA policies to sensitive applications.
PingOne for Enterprise's identity bridge to Active Directory, AD Connect 4.0.1, now supports non-string data types sent during single sign-on.
PingOne for Enterprise now supports additional user attributes within the Workplace by FacebookTM provisioner. In order to take advantage of the new provisioner features, you will need to edit the SaaS provisioning connector.
For more information, see the PingFederate Workplace by Facebook Connector Guide 1.7.
For product updates prior to 2018, please use the button below.
With OAuth client access now supported, PingOne for Enterprise admins can provide security teams with greater visibility into event data without adding additional admins. Dedicated OAuth clients can be created to retrieve subscription events such as actions, resources, clients and authentication results from the PingOne for Enterprise reporting API.