Okta Preview Sandbox – Release 2016.24 Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Okta Preview Sandbox – Release 2016.24
Published: Jun 14, 2016   -   Updated: Jun 22, 2018
Okta Preview Release 2016.24 began deployment on June 15. For the latest information on our release schedule, see Current Release Status.

Check the version number at the bottom of your Okta Administrator page to see your current version. Clicking the version number takes you directly to the folder containing the release notes.

User-added image

Version numbers indicate the year and week of the year that releases are pushed to orgs. For example, release 2016.02 was pushed the second week of 2016. The week numbers follow the ISO Week Date convention. 

Important Notice for AD Integrations Using Federated Profiles

If your Okta Active Directory (AD) integration uses Federated Profiles, you should update to the latest GA version of the Okta AD agent. Beginning April 21, 2016, Okta automatically migrated all orgs that use the Federated Profiles option to the Okta enhanced AD integration, which requires agent version 3.0.8 or higher. If your Okta AD agent is earlier than version 3.0.8, following the migration your organization may experience inconsistent behavior, including loss of groups and group memberships.

To identify orgs running Federated Profiles, see Determining Your AD Integration Type.

For download and installation instructions, see Installing and Configuring the Active Directory Agent.

Note: If you run multiple Okta AD agents, upgrade all agents on your domain servers to the same version. Running different versions of the AD agent can cause all of them to function at the level of your oldest agent.

New Product Features​

Unless otherwise noted, these features are available for all organizations with release 2016.24.

  • We have enhanced the change password flow for Okta-mastered users in orgs that don't have the New Okta Sign In Experience enabled. As with AD-mastered users, Okta-mastered users now must enter their current password when prompted to change their password.

  • We now support Multiselect types for Android Managed Application Configurations. See Managed Application Configurations.

  • To enhance our Microsoft Office 365 integration, the Update User Attributes provisioning feature is now enabled by default and cannot be disabled when the 0365 License only provisioning type is selected.

Note: Our enhancement to Apple Push Notification Certificates management that was previously announced in this release, has been delayed.

New Platform Features

Note: You can find platform documentation and other developer resources at http://developer.okta.com.

New Version of Okta Sign-In Widget

Version 1.3.3 of the Okta Sign-In Widget, and version 1.0.2 of okta-auth-js are available for Preview orgs. For more information, see Okta Sign-In Widget.

Policy API

The Links object, _links, is available in the Policy object. For more information, see Links Object.

Improved Error Descriptions

The error descriptions related to OAuth provide more helpful information about invalid clients for OpenID Connect flows.

Disable Automatic Key Rotation

If you need to disable automatic key rotation for an OpenID Connect flow, you can do so in General Settings section under the General tab for an app, and then use the /oauth2/v1/keys endpoint to fetch public keys for your app. For more information, see OpenID Connect.

Incremental Features Summary

The following table summarizes features that are enabled incrementally. Links in this table go to the release notes in which the feature was initially announced. After the feature is fully released, it is no longer tracked in this table. For release history of all features, see Features by Release.

New Orgs
New Orgs
Existing Orgs
Existing Orgs
ImmutableId From Master App2016.232016.232016.232016.25
New Okta Sign-in Experience2016.192016.192016.192016.24
LDAP Imports2016.202016.202016.202016.24

Application Updates

We've implemented SAML for the following Okta Verified applications:

  • Lever (OKTA-91642)

  • Singlewire InformaCast Mobile

  • XaitPorter (OKTA-88885)

We've implemented SAML for the following Community Created application:

  • Stormpath (OKTA-86498)


We've implemented SWA for the following Okta Verified applications:

  • Clickatell (OKTA-91040)

  • SigmaNEST (OKTA-91041)

  • SunGard Data Exchange (OKTA-84327)

  • Tailwind (OKTA-91047)

  • ThrivePass (OKTA-91045)

  • WiredTree (OKTA-91042)

  • Wolf Gordon (OKTA-91044)

  • Google Apps (OKTA-91510)

We've added the following Mobile application for use with Okta Mobility Management (OMM):

  • Google PDF Viewer (OKTA-91510)


Bug Fixes

Bug numbers ending with an H are hotfixes. Hotfixes are generally deployed after the initial release.

Product Bug Fixes

The following issues are fixed:

  • OKTA-68574 – In Okta's X-Frame-Option feature to protect against clickjacking attacks, an invalid header value was returned for certain Okta endpoints.
  • OKTA-82473 – Values from custom Salesforce fields failed to import.
  • OKTA-85366 – The Trust this device option failed for users configured with Okta Verify with Push in some orgs with the New Okta Sign-In Experience enabled.
  • OKTA-90727 – Post OMM enrollment for iOS devices landed on the chiclet view rather than the Mobile Apps store as expected.

Platform Bug Fix

The following issue is fixed:

  • OKTA-69173 – The helpURL for vpn wasn't returned even though it had been set previously in a request to /api/v1/apps.

App Integrations Fixes

The following SWA apps were not working correctly and are now fixed:

  • ADP Portal (Employee) (OKTA-82133)

  • Diffbot (OKTA-91879)

  • HRsmart (OKTA-91880)

  • Mass Mutual (OKTA-91455)

  • Microsoft SharePoint Online
    Office 365 (OKTA-92000)

  • Slack (OKTA-91992)

  • TigerText (OKTA-92003)

  • Walmart (OKTA-91878)