Removed

The listed features and properties have been removed, as defined in ForgeRock product stability labels.

Removed in IG 2023.2

Feature or property Setting Replacement setting Deprecated in

Feature or property	Setting	Replacement setting	Deprecated in
IG delivery	.war file	.zip file	6
Environment variable and system property	`OPENIG_BASE` `openig.base`	`IG_INSTANCE_DIR` `ig.instance.dir`	6
PolicyEnforcementFilter	`executor`	`cache` subproperty `executor`	6
ClientHandler and ReverseProxyHandler	`keyManager` `sslCipherSuites` `sslContextAlgorithm` `sslEnabledProtocols` `trustManager`	`tls` property to define a ClientTlsOptions object	6.5
UserProfileFilter	`ssoToken`	`username`	6.5
`profileAttributes`	`userProfileService` subproperty `profileAttributes`	6.5
`amService`	`userProfileService` subproperty `amService`	6.5
StatelessAccessTokenResolver	`signatureSecretId`	`verificationSecretId`	6.5.1
`encryptionSecretId`	`decryptionSecretId`	6.5.1

IG delivery

.war file

.zip file

Environment variable and system property

OPENIG_BASE
openig.base

IG_INSTANCE_DIR
ig.instance.dir

PolicyEnforcementFilter

executor

cache subproperty executor

ClientHandler and ReverseProxyHandler

keyManager
sslCipherSuites
sslContextAlgorithm
sslEnabledProtocols
trustManager

tls property to define a ClientTlsOptions object

6.5

UserProfileFilter

ssoToken

username

6.5

profileAttributes

userProfileService subproperty profileAttributes

6.5

amService

userProfileService subproperty amService

6.5

StatelessAccessTokenResolver

signatureSecretId

verificationSecretId

6.5.1

encryptionSecretId

decryptionSecretId

6.5.1

Removed in IG 7.2

Feature or property Setting Replacement setting Deprecated in

Feature or property	Setting	Replacement setting	Deprecated in
StaticResponseHandler	`version`	Not replaced	Not deprecated

StaticResponseHandler

version

Not replaced

Not deprecated

Removed in IG 7.1

Feature or property Setting Replacement setting Deprecated in

Feature or property	Setting	Replacement setting	Deprecated in
Route	`monitor`	Prometheus Scrape Endpoint and Common REST Monitoring Endpoint	6

Route

monitor

Prometheus Scrape Endpoint and Common REST Monitoring Endpoint

Removed in IG 7

Feature or property Setting Replacement setting Deprecated in

Feature or property	Setting	Replacement setting	Deprecated in
Support for AM Policy Agents	Use of AM policy agents in password capture and replay	CapturedUserPasswordFilter	6
ClientRegistration	`keyStore`	`keystore`	6.1
OAuth2ResourceServerFilter	`cacheExpiration`, and the values of zero and unlimited are not supported	`cache` and its subproperties	5.5.1
PolicyEnforcementFilter	`cache` subproperty `maxTimeout`	`cache` subproperty `maximumTimeToCache`	6

Support for AM Policy Agents

Use of AM policy agents in password capture and replay

CapturedUserPasswordFilter

ClientRegistration

keyStore

keystore

6.1

OAuth2ResourceServerFilter

cacheExpiration, and the values of zero and unlimited are not supported

cache and its subproperties

5.5.1

PolicyEnforcementFilter

cache subproperty maxTimeout

cache subproperty maximumTimeToCache

Removed in IG 6.5

Feature or property Setting Replacement setting Deprecated in

Feature or property	Setting	Replacement setting	Deprecated in
PolicyEnforcementFilter	`pepUsername`, `pepPassword`	AmService properties `agent`	6.5
`amHandler`, `openamUrl`, `realm`, `ssoTokenHeader`	AmService properties `amHandler`, `url`, `realm`, `ssoTokenHeader`	6
SingleSignOnFilter	`amHandler`, `openamUrl`, `realm`, and `cookieName`	AmService properties `amHandler`, `url`, `realm`, and `ssoTokenHeader`	6
TokenTransformationFilter	`amHandler`, `openamUrl`, `realm`, `ssoTokenHeader`	AmService properties `amHandler`, `url`, `realm`, `ssoTokenHeader`	6
`username`, `password`	AmService property `agent`	6.1
ReverseProxyHandler	`websocket` subproperties: `keyManager` `sslCipherSuites` `sslContextAlgorithm` `sslEnabledProtocols` `trustManager`	`tls` property to define a ClientTlsOptions object	6.1

PolicyEnforcementFilter

pepUsername, pepPassword

AmService properties agent

6.5

amHandler, openamUrl, realm, ssoTokenHeader

AmService properties amHandler, url, realm, ssoTokenHeader

SingleSignOnFilter

amHandler, openamUrl, realm, and cookieName

AmService properties amHandler, url, realm, and ssoTokenHeader

TokenTransformationFilter

amHandler, openamUrl, realm, ssoTokenHeader

AmService properties amHandler, url, realm, ssoTokenHeader

username, password

AmService property agent

6.1

ReverseProxyHandler

websocket subproperties:

keyManager
sslCipherSuites
sslContextAlgorithm
sslEnabledProtocols
trustManager

tls property to define a ClientTlsOptions object

6.1

Removed in IG 6.1

No features or properties were removed in this release.

Removed in IG 6

Feature or property Setting Replacement setting Deprecated in

Feature or property	Setting	Replacement setting	Deprecated in
HeapClientRegistrationRepository	Whole object	AuthorizationCodeOAuth2ClientFilter property `registrations`	5.5.1
Jetty support	8	9	-
ClientRegistration	`tokenEndpointUseBasicAuth`	`tokenEndpointAuthMethod`	5.5.1
OAuth2ResourceServerFilter	`tokenInfoEndpoint`, `providerHandler`	Configuration properties of OpenAmAccessTokenResolver, TokenIntrospectionAccessTokenResolver, and ScriptableAccessTokenResolver	5.5.1
OpenAmAccessTokenResolver	`endpoint`	AmService property `url`	6
UmaService	`authorizationServerUri`	`wellKnownEndpoint` and the AmService property `url`	Not deprecated

HeapClientRegistrationRepository

Whole object

AuthorizationCodeOAuth2ClientFilter property registrations

5.5.1

Jetty support

ClientRegistration

tokenEndpointUseBasicAuth

tokenEndpointAuthMethod

5.5.1

OAuth2ResourceServerFilter

tokenInfoEndpoint, providerHandler

Configuration properties of OpenAmAccessTokenResolver, TokenIntrospectionAccessTokenResolver, and ScriptableAccessTokenResolver

5.5.1

OpenAmAccessTokenResolver

endpoint

AmService property url

UmaService

authorizationServerUri

wellKnownEndpoint and the AmService property url

Not deprecated

Removed in IG 5.5

Feature or property Setting Replacement setting Deprecated in

Feature or property	Setting	Replacement setting	Deprecated in
Finalize Method	Finalize Method for HTTP messages	Alternate approach⁽¹⁾	Not deprecated
UMA support	UMA 1.x	UMA 2.x	OpenIG 14
UmaService	`clientId` and `clientSecret`	Not replaced. IG uses the PAT to create an UMA resource.	OpenIG 14

Finalize Method

Finalize Method for HTTP messages

Alternate approach⁽¹⁾

Not deprecated

UMA support

UMA 1.x

UMA 2.x

OpenIG 14

UmaService

clientId and clientSecret

Not replaced. IG uses the PAT to create an UMA resource.

OpenIG 14

⁽¹⁾Consider the following points on compatibility for the Finalize method:

After creating a new request object, explicitly close it after use. For example, the following Java code was used in a previous release:
```
ThrottlingRate rate = datasource.lookup(new RootContext(), new Request()).get();
```
Here the equivalent Java code includes a final close operation:
```
ThrottlingRate rate = datasource.lookup(new RootContext(), request)
  .thenAlways(request::close)
  .get();
```
In scripts, the client binding automatically closes the request that is provided as a parameter. Therefore, it is not necessary to manually close the request for scripts.

After the request is automatically closed, the request entity is empty and can’t be accessed. Response callbacks that try to access the request entity will fail.

Work around this behavior in the following ways:
- Keep the request open by using the client.sendNoClose() method instead of client.send(). This method to prevents closure of requests after send. If you use this method, remember to manually close the request.
- Access the request entity before the request is closed, for example by including the request.entity.string assignment before calling the client.send() with the request.

ForgeRock Identity Gateway

Removed

Removed in IG 2023.2

Removed in IG 7.2

Removed in IG 7.1

Removed in IG 7

Removed in IG 6.5

Removed in IG 6.1

Removed in IG 6

Removed in IG 5.5