Hi Viraj, Using the UAA bosh release is the best way to achieve the needed enterprise grade operational features around High Availability, Disaster Recovery, Backup and restore, Logging , Monitoring e

Hi Dario, I completely understand the sentiment. I did not mean to talk about deprecation in this fashion. Our intention is to do a survey with the CF community and understand the usage of UAA feature

Hi Ryan, Best would be to fork and add the needed features for password policy. UAA will continue to support all the federation use cases and act as an OAuth2 server Thanks, Sree

We are planning to deprecate the use of internal use store and any other features around password policy. Internal User Store will be for dev only use. Because of this, we are not working on enhancing

Hi Ryan, This is intended behavior to prevent reuse of password essentially a password history check Thanks, Sree

Please update to the latest line which is 4.19.2 Thanks,Sree Tummidi Sr. Manager, Product Management Pivotal Cloud Foundry

Hi Rashmi, We only have support for google authenticator at this time. The best way to integrate an existing MFA to UAA is through federation like SAML/OIDC. In this case the entire auth flow is deleg

I recently presented the roadmap for UAA at the CF summit. The deck and recording are available now. https://cfsummit2017.sched.com/event/AFjy/uaa-feature-updates-and-2017-roadmap-i-sree-tummidi-pivot

Hi Shilpa, Users are associated with Identity Providers and not clients. Identity providers can be UAA internal user store or a SAML/LDAP/OIDC provider. There are two levels at which you can restrict

Hi All, Starting with UAA bosh release v35 <http://bosh.io/releases/github.com/cloudfoundry/uaa-release?version=35> the following ERB validations have been added for OAuth Clients: 1. *redirect-uri* i

Typo in my previous email :( Please note that cf-release <https://github.com/cloudfoundry/cf-release> *is not* impacted by this issue. There is no action needed. Thanks, Sree Tummidi Staff Product Man

Hello All, We have found an upgrade issue with standalone UAA v3.13.0 <https://github.com/cloudfoundry/uaa/releases/tag/3.13.0> (UAA Bosh Release v28 <http://bosh.io/releases/github.com/cloudfoundry/u

Hi All, On behalf of the entire UAA team I am pleased to announce the release of *UAA 3.10.0*. This release truly has been community driven effort with major feature contributions from *SAP* and *Micr

I have been informed by the CAPI team that the changes in Cloud Controller to use the new rotatable signing key format is not yet in place and is blocked on some fixes for CF-UAA-LIB <https://www.pivo

Hi Michael, This is the new way to specify the signing key used by UAA for signing the JWT tokens. This format allows for rotation of the keys. bosh-lite is currently using the deprecated properties m

*Please read carefully if you are using UAA as standalone or as a bosh release or part of cf-release* Starting with UAA bosh release V23 <http://bosh.io/releases/github.com/cloudfoundry/uaa-release?ve

Hello All, There has been some news lately about an OAuth2 Hack which effects billions of Android Apps. You can get more information here <http://securityaffairs.co/wordpress/53081/hacking/oauth-2-0-a

Hi Abhishek, As part of Pivotal deployments UAA is being used to secure both the platform and Apps running on the platform. Our hosted Cloud Foundry deployment (aka Pivotal Web Services) is running on

+ Siva & Ilya from GE Can you please help. Thanks, Sree Tummidi Staff Product Manager Identity - Pivotal Cloud Foundry wrote:

Thank you Amit ! Thanks, Sree Tummidi Staff Product Manager Identity - Pivotal Cloud Foundry wrote: