An Official Website of the Commonwealth of Pennsylvania
Contact the Keystone Login Help Desk for all questions, concerns and issues with Keystone Login. The help desk can be reached by phone at 877-328-0995 or by email at KeystoneLoginSupport@randstadusa.com.
Note: If you have a Keystone ID through the Child Welfare Portal (CWIS),
State Employee Retirement System (SERS),
Disaster Training Registration,
COMPASS
Child Support,
or Consolidated Eligibility Letter (CELS) you can use those same credentials to log in.
For assistance with those applications, please contact the CWIS Support Center at 1-877-343-0494
What's New
Select any of the following Release Numbers to review previous end-of-sprint deployment updates and fixes for Keystone Login
Enhancements
• KL:
o Updates to Keystone Login UI and improved accessibility.
o Updates to NuGet packages.
• KL Admin:
o Admin users can remove email addresses from duplicate Keystone Login accounts.
o Admin users can sort Agency and Application lists in the admin tool.
• KL Web:
o Updates to improve user login experience and reduce errors due to internal timeouts.
o Users can search for and restore system-purged accounts.
o Users now receive a link to the Forgot Password screen when they try to register a new account with an email address already in use.
o Password length must be a minimum of 12 characters.
o First letters of names are capitalized during Registration.
o Added login text and branding for identification when redirecting to Keystone Login from another agency.
o SiteMinder Login now retrieves the Active Directory GUID without an LDAP call.
o Improved SiteMinder connection exceptions.
o Updated Main page display for Managed Users.
Bug Fixes
• KL Web:
o Forgot Username
o Managed SiteMinder Login call
o Added Purged User connection string to External Client.
o Users can no longer create accounts with a “b-“ prefix in all domains.
Enhancements
• KL:
o Updated NuGet packages.
• KL Web:
o Non-managed users can no longer create usernames starting with “b-”.
o Unsent One-Time Passcode emails are now logged as exceptions.
o Updated the copyright bar at the bottom of all pages.
o Added labels to the radio buttons on the Choose MFA, Choose Provider, Experian Verification, and Forgot Password pages for accessibility.
Fixes
• KL Web:
o Fixed double spinners on the MFA pages.
o Fixed typo in the HTML on the Choose MFA page.
Enhancements
• KL:
o Updated framework to .Net 8.0.
o Updated all libraries.
Fixes
• KL Web:
o SAML logging issues for CWOPA users.
Enhancements
• KL Web:
o Added ‘Resend OTP’ button to the Verify One Time Passcode page.
o Improved exception logging for Social Login issues.
• KL Admin:
o Added Enhanced Security checkbox to the View User Profile page.
• KL API:
o Added KL User GUID to API call response for the SAML Logging function.
• KL:
o Updated libraries.
Fixes
• KL:
o Added Apple Touch Icon and image files to decrease the number of 404 errors on the servers.
• KL Web:
o Fixed Change Password process.
o Fixed Alert Message processing.
Enhancements
• KL Web:
o Removed outdated backend files.
o Added ‘Managed SiteMinder’ to code; not currently exposed in KL.
• KL Admin:
o Added tests for:
- Login
- Registration
- Username
- Password Change
- Email OTP
- SMS OTP
Fixes
• KL Web:
o Social Logins
- Adjusted configuration to remedy issues in production.
- Added exception handling to identify future errors.