PingOne Advanced Services Release Notes

Review release notes for PingOne Advanced Services.

Subscribe to get automatic updates: PingOne Advanced Services release notes RSS feed

PingOne Advanced Services platform version 2.1.0 is the final version that supports basic authentication for the PingFederate and PingAccess Admin APIs. After platform version 2.3.0 releases, 2.1.0 will move into extended support and six months later will reach its End of Life (EOL) status, as outlined in our Support policy. Exceptions to this policy will be granted on a case-by-case basis.
In the upcoming version of PingOne Advanced Services, platform version 2.3, PingOne Advanced Services will start using formatted JSON to improve the logging output, which might require adjustments to custom parsing logic in your SIEM. A sample of logs in the new format is available to download.

Platform version 2.2.0 (March 2026)

This platform version deploys with these microservices and applications:

PingAccess 2.2.0
- PingAccess 9.0.0
PingCentral 2.2.0
- PingCentral 2.2.0
PingDirectory 2.2.0
- PingDirectory suite of products 10.3.0.1
  - PingDataSync 10.3.0.0
  - Delegated Admin 5.0.0
    
    PingDirectory was upgraded from Java 11 to Java 17 in this release, so compatibility testing and validation should be done before integrating with your systems.
PingFederate 2.2.0
- PingFederate 12.2.6

Enhancements

Support policy now available

New

Our support policy is now available in our product documentation, which covers the platform versions we support, deprecation timelines, and information regarding upgrades. Learn more about our policy in Support policy.

Create and update virtual hosts using the admin console

New

You and your administrators can now create and update virtual host certificates and TLS configurations yourselves by using either the new PingOne Advanced Services admin console or the administrative API. Learn more about this process in Creating and updating virtual hosts.

IP allow list service request form now available

New

IP allow lists are designed to restrict access to networks, applications, or services to only authorized, preapproved IP addresses. To request that an IP allow list be added or updated to specific PingOne Advanced Services public endpoints, submit a service request through the Support Portal. Learn more about submitting this type of request in Platform service requests > IP allow list.

PingDirectory restart process improved

Improved

This update introduces a simplified deployment and configuration pattern for PingDirectory.

Platform version 2.1.1 (September 2025)

This platform version deploys with these microservices and applications:

PingAccess 2.1.0
- PingAccess 8.2.0
PingCentral 2.1.0
- PingCentral 2.2.0
PingDirectory 2.1.1
- PingDirectory suite of products 10.0.0.6
  - PingDataSync 10.0.0.2
  - Delegated Admin 5.0.0
PingFederate 2.1.1
- PingFederate 12.2.5

We’ve also updated these microservices and applications, which are available for platform version 2.1.1:

Enhancements

Use OAuth to access the PingFederate Admin API

New

To connect to the PingFederate API, get an access token. This token can be retrieved using an authorization code flow or a client credentials flow.

If you choose to use a client credentials flow, connections must be correctly configured for self-managing administrator accounts.

PingOne Advanced Services platform version 2.1 is the last version that supports basic authentication for the PingFederate and PingAccess Admin APIs. After platform version 2.3.0 is released, 2.1.0 will move into extended support and six months later will reach its End of Life (EOL) status, as outlined in our Support policy. Exceptions to this policy will be granted on a case-by-case basis.

Platform version 2.1.0 (May 2025)

This platform version deploys with these microservices and applications:

PingAccess 2.1.0
- PingAccess 8.2.0 release notes.
  
  PingAccess was upgraded from Java 11 to Java 17 in this release, so compatibility testing and validation should be done before integrating with your systems.
PingCentral 2.1.1
- PingCentral PingCentral 2.2.0 release notes.
PingDirectory 2.1.0
- PingDirectory suite of products 10.0.0.4
  - PingDataSync 10.0.0.2
  - Delegated Admin 5.0.0
PingFederate 2.1.0
- PingFederate 12.1.6

Enhancements

Use OAuth to access the PingAccess Admin API

New

To connect to the PingAccess API, get an access token. This token can be retrieved using an authorization code flow or a client credentials flow.

If you choose to use a client credentials flow, connections must be correctly configured for self-managing administrator accounts.

For improved security, basic authentication for the PingAccess Admin API has been deprecated and will be removed in PingOne Advanced Services version 2.2.

LDAPS custom domains now supported

Improved

PingDirectory LDAPS URLs are now routed through NGINX, which has improved system flexibility and supports custom domains.

Automated certificates for global DNS domains now available

Improved

Those using Let’s Encrypt certificates to ensure that communications between PingOne Advanced Services products and services remain encrypted and secure (used by default), can now create automated certificates for global DNS domains.

Logging improvements

Improved

Internal log pipeline stability improvements have been made, which will further help you observe and maintain your system.

Platform version 2.0.1 (April 2025)

This platform version deploys with these microservices and applications:

PingAccess 2.0.1
- PingAccess 8.0.6
PingCentral 2.0.1
- PingCentral 2.0.2
PingDirectory 2.0.1
- PingDirectory suite of products 10.0.0.4
  - PingDataSync 10.0.0.2
  - Delegated Admin 5.0.0
PingFederate 2.0.1
- PingFederate 12.1.6

We’ve also updated these microservices and applications, which are available for platform version 2.0.1:

PingFederate 2.0.2 (November 2025)

PingFederate 12.1.9

Platform version 2.0.0 (December 2024)

This platform version deploys with these microservices and applications:

PingAccess 2.0.0
- PingAccess 8.0.4
PingCentral 2.0.0
- PingCentral 2.0.2
PingDirectory 2.0.0
- PingDirectory suite of products 10.0.0.2
  - PingDataSync 10.0.0.2
  - Delegated Admin 5.0.0
PingFederate 2.0.0
- PingFederate 12.1.0

Enhancements

Self-service API Beta now available

New

You and your administrators can now create and update virtual host certificates and TLS configurations yourselves through a self-service API. Configurations are automatically replicated to child regions in PingOne Advanced Services for the following applications:

PingFederate
PingFederate Admin API
PingAccess
PingAccess Admin API
PingAccess Agents
PingDirectory
Delegated Admin

Learn more in Creating and updating virtual hosts.

If you don’t want to create or update virtual hosts yourself, you can still submit a service request. Select Advanced/Other as your requested capability, provide a detailed description of your needs, and submit your request to the Support team.

You’ll need to configure access to the administrative API before you can add or update virtual hosts. Learn more about configuring the API in Configuring access to the administrative API.

You’ll also need to add the SelfService attribute. Learn more about these attributes in Creating custom user attributes. Then, update the application with the appropriate attribute mappings.