Deprecated

The functionality listed here is deprecated, and likely to be removed in a future release.

Deprecated since AM 8.0

Monitoring

Interface endpoint for monitoring server activity with Prometheus

The /json/metrics/prometheus endpoint is deprecated in this release.

To monitor server activity with Prometheus, use one of the new endpoints instead:

/metrics/prometheus
/metrics/prometheus/0.0.4

Although the /metrics/prometheus endpoint is new, it is also deprecated in this release and support for its use will be removed in a future release. Move to the /metrics/prometheus/0.0.4 endpoint as soon as convenient.

Learn more in Monitor with Prometheus.

MBean and JMX interfaces

Support for the legacy MBean and the JMX monitoring interfaces is deprecated in this release.

AM supports other options for monitoring servers, including Graphite. Learn more in Monitor AM instances.

Audit event handlers

The following audit event handlers are deprecated and will be removed in a future release:

CSV
Syslog
JDBC
JMS

Use the JSON audit event handler instead.

Deprecated since AM 7.5

Secret label mappings

The following secret label mappings are deprecated in this release:

am.global.services.session.clientbased.encryption
am.global.services.session.clientbased.signing

Learn more about changes to secret label mappings in Support for storing secrets in secret stores.

Configuration replaced by secret labels

Feature Deprecated field

Feature	Deprecated field
CAPTCHA node	`CAPTCHA Secret Key`
Core authentication settings	`Persistent Cookie Encryption Certificate Alias` `Organization Authentication Signing Secret`
Encrypted device storage services: Device Binding service Device ID service Device Profiles service OATH service Push service WebAuthn service	`Key Store Password` `Key-Pair Alias` `Private Key Password`
OTP SMS Sender node and OTP Email Sender node	`Mail Server Authentication Password`
Password replay	`Replay Password Key` (`com.sun.identity.agents.config.replaypasswd.key`)
Persistent Cookie Decision node and Set Persistent Cookie node	`HMAC Signing Key`
PUSH notification service	`SNS Access Key Secret`
SAML v2.0 remote SP and IDP configuration	`Basic Authentication` settings
Session service	`Encryption Symmetric AES Key` `Signing HMAC Shared Secret`
Social Provider service	`Client Secret`

CAPTCHA node

CAPTCHA Secret Key

Core authentication settings

Persistent Cookie Encryption Certificate Alias

Organization Authentication Signing Secret

Encrypted device storage services:

Key Store Password

Key-Pair Alias

Private Key Password

OTP SMS Sender node and OTP Email Sender node

Mail Server Authentication Password

Password replay

Replay Password Key (com.sun.identity.agents.config.replaypasswd.key)

Persistent Cookie Decision node and Set Persistent Cookie node

HMAC Signing Key

PUSH notification service

SNS Access Key Secret

SAML v2.0 remote SP and IDP configuration

Basic Authentication settings

Session service

Encryption Symmetric AES Key

Signing HMAC Shared Secret

Social Provider service

Client Secret

Changes to `Action` class

The following org.forgerock.openam.auth.node.api.Action methods are deprecated in this release:

public ActionBuilder withUniversalId(String universalId)
public ActionBuilder withUniversalId(Optional<String> universalId)

Use the new public ActionBuilder withIdentifiedIdentity(String username, IdType identityType) and public ActionBuilder withIdentifiedIdentity(AMIdentity identity) methods instead.

The Optional <String> universalId field is also deprecated, and is replaced by Optional<IdentifiedIdentity> identifiedIdentity.

Legacy Social Provider node

The Legacy Social Provider Handler node has been marked as deprecated and will be removed in a future release. This node is replaced by a new Social Provider Handler node that resolves issues related to reentry cookies. The legacy node remains supported in existing journeys. If you’re creating new journeys, use the new Social Provider Handler node instead.

Deprecated since AM 7.4

No features or functionality were deprecated in this release.

Deprecated since AM 7.3

Changes to SAML v2.0 classes

The following classes are deprecated and will be removed in a future release:

Deprecated Replacement

Deprecated	Replacement
`com.sun.identity.saml2.plugins.FedletAdapter`	`org.forgerock.openam.saml2.plugins.FedletAdapter`
`com.sun.identity.saml2.plugins.SAML2IDPFinder`	`org.forgerock.openam.saml2.plugins.IDPFinder`
`com.sun.identity.saml2.plugins.SAML2IdentityProviderAdapter`	`org.forgerock.openam.saml2.plugins.IDPAdapter`
`com.sun.identity.saml2.plugins.SAML2ServiceProviderAdapter`	`org.forgerock.openam.saml2.plugins.SPAdapter`

com.sun.identity.saml2.plugins.FedletAdapter

org.forgerock.openam.saml2.plugins.FedletAdapter

com.sun.identity.saml2.plugins.SAML2IDPFinder

org.forgerock.openam.saml2.plugins.IDPFinder

com.sun.identity.saml2.plugins.SAML2IdentityProviderAdapter

org.forgerock.openam.saml2.plugins.IDPAdapter

com.sun.identity.saml2.plugins.SAML2ServiceProviderAdapter

org.forgerock.openam.saml2.plugins.SPAdapter

The following methods are deprecated and will be removed in a future release:

InitializePlugin.java: default void initialize(String, String)

Use initialize(Map) instead.

IDPAuthnContextMapper.java: public IDPAuthnContextInfo getIDPAuthnContextInfo(AuthnRequest, String, String) throws SAML2Exception

Use getIDPAuthnContextInfo(AuthnRequest, String, String, String) instead.

SNMP monitoring

Support for SNMP monitoring is deprecated in this release.

AM provides better options for monitoring servers, including support for Prometheus, Graphite, and JMX. Learn more in Monitor AM instances.

PingAM release notes