a good thing!
PingOne for Enterprise
Administrators can now leverage any SAML identity provider (IdP) to sign into the PingOne SSO for SaaS Apps Admin Portal. Instead of managing local administrator accounts, admins can sign in through their organization's identity provider with roles determined by group membership. Additionally, administrators in both PingOne for Enterprise and PingOne SSO for SaaS Apps can manage email notification settings for certificate alerts.
With OAuth client access now supported, PingOne for Enterprise admins can provide security teams with greater visibility into event data without adding additional admins. Dedicated OAuth clients can be created to retrieve subscription events such as actions, resources, clients and authentication results from the PingOne for Enterprise reporting API.
The PingOne for Enterprise directory now supports the use of all user attributes in SSO attribute mappings, allowing for additional user information to be sent to service providers during SSO. Also, admins can now set a signing certificate as the default for new connections. This streamlines the configuration process for new connections by automatically selecting the default certificate during the setup process.
PingOne SSO for SaaS Apps administrators are now able to update and manage certificates. They now have access to several tools to visualize and manage certificates used by their applications and connected customer identity providers. It allows for more flexibility and control with the ability to create new signing certificates, rotate existing certificates and see which applications and customers are using certificates that are expiring or have expired.
PingOne for Enterprise now supports additional branding and customization options to present a more seamless user experience. All aspects of a user journey can be customized with an organization’s logo and theme. This includes dock, hosted login & password reset, identity provider (IdP) discovery, logout and error screens.
Global Administrators can now delegate the administration of their applications to specific individuals to allow them to manage application configuration, access policy and run application specific transaction reports. These capabilities increase enterprise agility by removing identity as a bottleneck and enabling application self service capabilities for application owners.
Adding applications leveraging the OIDC protocol just got easier, with a setup wizard providing guidance for administrators during configuration. Once admins select the specific OIDC application type to configure, subsequent steps are then tailored to that application type (e.g. web, native, single page). Additionally, OIDC applications registered in PingOne for Enterprise can now be configured with a single logout (SLO) option which enables PingOne to trigger a logout action in the application.
The Salesforce Connector 7.0 allows PingOne for Enterprise customers to build on existing integrations to Salesforce with new support for provisioning to the Salesforce Community Cloud as well as the ability to create connections to custom Salesforce Domains. The release also reduces administrative efforts with the ability to create multiple Salesforce connections in a single PingOne for Enterprise instance and by adding support for the latest version of the Salesforce REST API (v46).
The PingOne for Enterprise AWS provisioner has been updated to support the AWS 2.0 API, including the provisioning of the Password and PasswordResetRequired attributes, as well as for updating the UserName attribute.
Administrators using PingOne Directory or AD connect as their IdP can now customize the branding for login and password reset screens, while those leveraging PingOne Directory can customize branding for self service registration. In addition, administrators can also leverage new SSO reports, which include the ability to filter transactional events by application name instead of viewing all transactions in aggregate. Finally, administrators can now assign multiple groups to administrative roles for the purpose of SSO to the PingOne admin portal from the PingOne dock.
We eased integration with Azure and ADFS by adding them as new identity provider options. Admins also now have the ability to do attribute mapping as a part of any identity provider setup. For Azure AD, you can also synchronize groups for SSO access control.
Ping Identity is pleased to announce the PingOne for Enterprise Free Trial program. Now you can try our cloud-based IDaaS SSO and directory solution free for 30 days. With PingOne for Enterprise customers can quickly and easily provide secure access to SaaS and cloud applications.
PingOne SSO for SaaS Applications now provides administrators better visibility into their customers’ SSO transactional activity with new summary reports and the ability to filter transactional SSO events by customer tenant or application name.
PingOne SSO for SaaS Apps admins can now use the Customer Connections API to automate the creation of new connections to applications without the need for manual steps, accelerating onboarding and preventing configuration errors. All functionality is now available through the API, including features that were previously limited to the admin console such as multiplexing and single logout (SLO) settings.
The new PingOne GitHub and Lucid Chart Connectors enable enterprises to set up SSO and reduce administrative efforts by offering quick connection templates for provisioning users and groups.
PingOne for Enterprise now supports the OpenID Connect (OIDC) protocol for application integration via code, implicit and hybrid flows. With this integration, OIDC standard-based applications are now treated identically to SAML applications and can be made available on the PingOne dock and selectable in access and authentication policies.
PingOne for Enterprise introduces significant features to ease administration and improve user experience. The latest release expands the administrative auditing features to now support both partner and PingID use cases, in addition to workforce. We improved administrative ease of use of PingOne as an OIDC relying party by changing the way user attributes are mapped and updating the OIDC application wizard and summary screen. Also, PingOne for Enterprise now provides a more convenient, secure user experience by supporting OIDC Identity Provider single logout (SLO).
PingOne for Enterprise (P14E) administrators can now specify optional parameters for the authentication request PingOne sends to an OpenID Provider. Admins can streamline session management and configuration now that the P14E dock shares the same session lifetime as the PingOne SSO session, which can be set to as low as 15 minutes. We also added Turkish language support to the end-user interface.
You can now set entire admin SSO groups to "read-only" instead of setting administrators to be read-only one by one. A new admin role for PingID is also available, with reduced permissions for end users who don’t need access to sensitive information. Additionally, if your organization disables third-party cookies for enhanced privacy, you can use the new redirect-based SLO flow to ensure compatibility with your cookie settings.
PingOne for Enterprise administrators can now create custom application categories to be displayed on the dock. Categorize applications in a way that makes the most sense for your organization, such as grouping apps for new hires under an "Onboarding" category or grouping apps that require a VPN under a custom "VPN-only" category. Administrators can also configure localization for new categories in all supported languages.