Release Notes

Warning: Single Sign‑On for Pivotal Cloud Foundry v1.5 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.

Breaking Change: Before you upgrade the Pivotal Application Service tile to PCF v2.0, you must first upgrade the SSO tile to v1.5.3 and configure the AppsManager errand in OpsManager. To properly prepare for upgrading to PCF v2.0 with the SSO tile, see the SSO upgrade knowledge base article.

WARNING: PAS does not support SHA1 to sign outbound SAML requests. If you use SHA1 with PCF v1.12, PAS automatically migrates your SAML signature algorithm to SHA256. If you are using SAML in PCF v1.12 through the SSO tile and your Identity Provider validates the signature of the SAML authentication request, see SHA Signature Support for SAML requests in PAS tile in PCF 2.0 in the Pivotal Knowledge Base.


Release Date: December 11, 2017

  • This release provides compatibility with manifest changes between Pivotal Elastic Runtime 1.12 and Pivotal Application Service 2.0 to allow for successful upgrades from 1.12 to 2.0 based upon the SSO upgrade knowledge base article.


Release Date: October 24, 2017

  • This release addresses an issue with managing service instances when more than 50 Space Developers exist within a space.


Release Date: September 27, 2017

  • This release addresses the upgrade issues for the Single Sign-On Service tile when legal footer links are configured.
  • This release addresses a Java Buildpack issue that causes required memory to increase to 1GB.
  • PCF updated stemcell to 3445 series. This is a security upgrade to bump Ubuntu stemcells for USN-3420-2: Linux kernel (Xenial HWE) vulnerabilities.


Release Date: September 19, 2017

  • Operators can now configure OpenID Connect integration with Azure OIDC and additional identity providers using newly exposed configuration options available for managing identity providers.
  • Token exchange client creation for JWT and SAML bearer grant types (urn:ietf:params:oauth:grant-type:jwt-bearer and urn:ietf:params:oauth:grant-type:saml2-bearer) is available through application bootstrapping.
  • Identity sample applications have been updated for Spring Boot 1.5, feature issuer check, and token keys support.
  • Fixed a bug where authorities for service to service applications (client credentials grant type) would not be assigned if they were being created as new resources

View Release Notes for Another Version

To view the release notes for another product version, select the version from the drop-down list at the top of this page.