Release Notes

These are release notes for the Single Sign-On service for Pivotal Cloud Foundry (PCF).


Release Date: June 12, 2019


Change in this release:

  • Updates the cf CLI to v6.45.0


Release Date: April 12, 2019

Fixed Issues

This release fixes the following issue:

  • The SSO Developer Dashboard would not load apps if there were more than 500 UAA clients in the identity zone.


Release Date: March 6, 2019

Fixed Issues

This release fixes the following issue:

  • Custom branding images caused BOSH logs to exceed 1 MB and installations to fail. Logs are now reduced to prevent this issue.


Release Date: November 2, 2018

Fixed Issues

This release fixes the following issue:

  • Having a large number of service plans prevented system operators from editing service plan details.


Release Date: September 6, 2018


Breaking Change: The Single Sign-On v1.7.1 and later requires the Ubuntu Xenial stemcell due to end-of-support for the Ubuntu Trusty series. This might break automation you have set up to update SSO deployments that used Trusty stemcells.

New features and changes in this release:

  • The PCF stemcell is updated to 97.XX series (Ubuntu 16.04 Xenial). See the Breaking Change above.

  • Compatibility for cflinuxfs3

Known Issues

This release has the following issue:

Before you update or upgrade to SSO v1.7.1, if you are using BOSH add-on’s for PCF, you must update the add-on definitions to include the Ubuntu Xenial 16.04 stemcell. For instructions, see Update Add-ons to Run with Xenial Stemcell.


Release Date: August 14, 2018


New features and changes in this release:

  • Expanded API functionality for identity providers: Operators can now use the API to configure additional features on identity providers that are not yet exposed through the SSO dashboard. SSO honors values configured through the API so that they are retained when using the SSO dashboard. For more information, see the following sections of Configuring Identity Providers with UAAC:

    To learn more about… See…
    Enabling Client Auth for OIDC Enable Client Auth for OIDC
    Skipping SSL validation for SAML Skip SSL validation for SAML
  • Expanded API functionality for clients and users: Operators can now use the API to configure additional features on Clients and Users.

  • External service keys: The SSO service broker now supports cf create-service-key. For more information, see Managing Service Keys and Register an External App Using Service Keys.

  • JSON bind parameters for client configuration: The SSO service broker now supports passing client configuration on the command line for cf bind-service. For more information, see Configure SSO Properties with Bind Parameters. This is the recommended approach for configuring clients bound to Cloud Foundry apps.

  • Client redirect URI now supports custom schemes: When configuring a client’s redirect URIs, SSO now supports custom URI schemes. A common use case is deep-linking for mobile apps. For more information, see Configuring apps.

  • Single logout for all SSO dashboards with Pivotal Application Service (PAS): Session state for logouts on SSO dashboards are now synchronized with your UAA session. This is done using uaa-singular.

Known Issues

There are no known issues for this release.

Viewing Release Notes for Another Version

To view the release notes for another product version, select the version from the drop-down list at the top of this page.