An Official Website of the Commonwealth of Pennsylvania

Contact the Keystone Login Help Desk for all questions, concerns and issues with Keystone Login. The help desk can be reached by phone at 877-328-0995 or by email at KeystoneLoginSupport@randstadusa.com.

Note: If you have a Keystone ID through the Child Welfare Portal (CWIS), State Employee Retirement System (SERS), Disaster Training Registration, COMPASS Child Support, or Consolidated Eligibility Letter (CELS) you can use those same credentials to log in. For assistance with those applications, please contact the CWIS Support Center at 1-877-343-0494

What's New

Select any of the following Release Numbers to review previous end-of-sprint deployment updates and fixes for Keystone Login

                                
Enhancements
 
KL Admin:
•	Validation for Search and Help Desk Search pages to prevent searches with empty fields.
•	Help desk representatives now have edit capability on the HD Search screen.
•	Help desk representatives can view suggestions for missing One Time Passcode (OTP) issues on the HD Search screen.
•	Help desk representatives can now verify user identity and account ownership by name, email, and OTP.
•	Help desk representatives can log issues for users who do not have a Keystone Login account.
•	Updates to Help Desk User Guide.
 
KL Web:
•	Added User and Exception Log Archive tables.
 
 
Bug Fixes
 
KL Admin:
•	Fixed double record entry issue on Help Desk Search page.
 
KL Web:
•	Fixed issues when a user has invalid characters in their username and they are unable to edit their account information.

                                
Enhancements

KL Admin:
•	New search page for Help Desk representatives.
•	Ability to run a SiteMinder Login test to a specific SiteMinder endpoint.

KL:
•	New Help Desk Log table.

KL Web:
•	The Registration page now features text for required fields.

Bug Fixes

KL Admin:
•	The Exception Log screen loads faster.
•	The processing spinner for the Search, Exception, and User Log tables is now at the top of the page.
•	The Unlock/Enable button is hidden for MANAGED accounts.
•	The Remove Email button is hidden for CWOPA, MANAGED, and MUSER accounts.
•	Updates to the Remove Email button for SRPROD accounts for consistency and uniformity.
•	Updates to the page header text for consistency and uniformity.
•	Updates to field labels for consistency and uniformity.
•	Corrections for spelling and grammar errors.
•	Compiler warning clean-up.

KL:
•	Updates to NuGet packages.
•	Fix for build error in Dev environment.
•	Active Directory function call clean-up.

                                
Enhancements

KL Web:

o	Updated Keystone Login User Guide.
o	When logging in, the system will now check usernames against Citizen accounts first then Managed User accounts.

Bug Fixes

KL Admin:

o	Fixed searches by Agency and Application on the Exception and User Log pages.

KL:

o	Email in Use or Username in Use exceptions are not logged if no email or username is passed due to page validation.

                                
Enhancements

• KL:

o Added four new verification types (3 FDSH, 1 NSTIC) from Department of Human Services. 

Bug Fixes

• KL Admin:

o User search results remain on-screen when selecting the View and Edit options. 
o User accounts in the Managed domain are now searchable by email address. 

• KL Web:

o The Last Login details are loading correctly from the Active Directory. 
o The Principal Context error no longer results in creating new accounts with existing email addresses. 
o Multiple connection attempts are made when receiving a Principal Context error. 
o During the Add User process, a Get-AD GUID is sent from the Active Directory when it is not first received from Identity Manager.

                                
Enhancements

•	KL Admin:
o	Search results remain on the User Search page even after navigating to the View User page. 
o	Connected Reset Password, Change Password, and Edit Account to new Managed User API.
o	Added Health Check page.

•	KL Web:
o	Added a requirement (“Do not use any dictionary words as your password”) to the Registration page when the Enhanced Security box is checked.
o	Added Managed User feature flag for enabling/disabling.
o	Connected Change Password and Edit Account page to new Managed User API.
o	Added Edit Account to Home page for Managed Users.
o	Adjusted Login to handle SiteMinder Managed User now returning the Active Directory GUID.

•	KL:
o	Added Managed User API functions:
-	Get Managed User Data
-	Update User
-	Change Password
-	Reset Password
o	Updated to new version of Identity Manager Managed User API with fixes to change password and security questions.
o	Added security questions to Managed User Edit Account.

Bug Fixes

•	KL Admin:
o	Removed Today and Last 24 Hours buttons on Exception and User Log pages.

•	KL Web:
o	Split email/username duplicate search between Managed and Non-Managed so fields are searched in each independently.
o	Fixed handling of Expired Password response from Identity Manager.

•	KL:
o	Fixed spelling errors.
o	Cleaned up warnings.
o	Fixed password generator function to return a password of specified length (12 characters.)

What's New

Release Number: 2025.9.6.1 Release Date: 09/09/2025

Release Number: 2025.6.16.1 Release Date: 06/24/2025

Release Number: 2025.4.16.1 Release Date: 04/24/2025

Release Number: 2025.3.24.1 Release Date: 03/27/2025

Release Number: 2025.2.4.1 Release Date: 02/14/2025