Okta Preview Sandbox – Release 2016.31 Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Okta Preview Sandbox – Release 2016.31
Published: Aug 2, 2016   -   Updated: Jun 22, 2018

Okta Preview Release 2016.31 began deployment on August 3. For the latest information on our release schedule, see Current Release Status.

Check the version number at the bottom of your Okta Administrator page to see your current version. Clicking the version number takes you directly to the folder containing the release notes.

User-added image

Version numbers indicate the year and week of the year that releases are pushed to orgs. For example, release 2016.02 was pushed the second week of 2016. The week numbers follow the ISO Week Date convention. 

Important Notice for AD Integrations Using Federated Profiles

If your Okta Active Directory (AD) integration uses Federated Profiles, you should update to the latest GA version of the Okta AD agent. Beginning April 21, 2016, Okta automatically migrated all orgs that use the Federated Profiles option to the Okta enhanced AD integration, which requires agent version 3.0.8 or higher. If your Okta AD agent is earlier than version 3.0.8, following the migration your organization may experience inconsistent behavior, including loss of groups and group memberships.

To identify orgs running Federated Profiles, see Determining Your AD Integration Type.

For download and installation instructions, see Installing and Configuring the Active Directory Agent.

Note: If you run multiple Okta AD agents, upgrade all agents on your domain servers to the same version. Running different versions of the AD agent can cause all of them to function at the level of your oldest agent.

What's New

Unless otherwise noted, these features are available for all organizations with release 2016.31.

  • We've made the Password reveal feature more flexible by allowing admins to reveal shared app passwords. This enhancement is for admins only; as before, end users cannot reveal shared passwords. For more information, see Overview of Managing Apps and SSO.

    User-added image

  • The Okta Sign In page renders better in smaller browser windows. Labels and fields adjust smoothly as you resize your browser window, and the surrounding background image eventually disappears as your browser window decreases in size.

Agent Updates

We have released Okta Active Directory Agent version 3.4.2 for Early Access (EA) users. This release includes the following enhancements:

  • If your AD agent fails to start because the service account on the domain controller is missing the Log on as a service permission, you can now repair the account with just a few clicks.

    User-added image

  • To allow admins to register the Okta AD agent in the EMEA production environment, we have added a Production-EMEA option to the agent installer.
  • To improve the security of AD integrations, we now default to the TLS1.2 security protocol in orgs running .NET Framework 4.5 or later. Orgs running earlier versions of the .NET Framework continue to use TLS1.1.

  • Okta no longer imports duplicate Universal Security Groups if the group is moved to a different domain.

To obtain this release, contact Okta Support. For details about the Okta AD agent, see Installing and Configuring the Active Directory Agent. For agent version history, see Active Directory Agent Version History.

Plugin Update

The Sharepoint People Picker plugin has been updated to version This version allows admins to select Okta login or App username as the identifier claim as well as the Email Address. It also provides extended capabilities to restrict searches to only members of a specific SharePoint app instance. For further details, refer to the Microsoft SharePoint On Premises Deployment Guide. For version information, see Current Sharepoint People Picker Plugin Version History.

Platform Release Notes

Changes to the platform for this release are published in the Platform Release Notes on http://developer.okta.com.

Incremental Features Summary

There are no incremental features to announce this week.

Discontinued Support

Note: This notice was modified August 19 after initial publication of these release notes.

Microsoft has updated the sync functionality of their OneDrive application, and have replaced the OneDrive for Business Client (groove.exe) with the OneDrive for Business Next Generation Sync Client (onedrive.exe). Consequently, Okta has discontinued support for the OneDrive for Business Client (groove.exe). Users are now prompted to upgrade to the OneDrive for Business Next Generation Sync Client (onedrive.exe). For more information, see Upgrading to OneDrive for Business Next Generation Sync Client.

Application Updates

We've implemented SAML for the following Okta Verified applications:

  • Advanced Media Portal (OKTA-96694)

  • GR8 People (OKTA-91421)

  • IPfolio - Inventors (OKTA-95972)

  • POPin (OKTA-90886)

We've implemented SWA for the following Okta Verified applications:

  • Awingu (OKTA-96178)

  • AXIOMetrics (OKTA-96564)

We've changed Signature/Digest algorithms from SHA1 to SHA256 for the following SAML apps:

  • Hubwoo (OKTA-96567)

  • Northern Light (OKTA-96696)

  • OpenSource (OKTA-96818)

  • PMAPS WebPro by Proposal
    Software (OKTA-96902)

  • Recovery Planner (OKTA-97009)

Bug Fixes

Bug numbers ending with an H are hotfixes. Hotfixes are generally deployed after the initial release.

Product Bug Fixes

The following issues are fixed:

  • OKTA-68339 – The Okta browser plugin incorrectly offered to change the password of apps that have the Sync Password provisioning setting enabled.
  • OKTA-79670 – The in-product link in Set Up LDAP pointed to the wrong installation guide.
  • OKTA-92542 – Users of Firefox browser version 48.0b (beta) and later were prompted to install the Okta browser plugin even though it was already installed and functional.
  • OKTA-93852 – In certain cases, an incorrect client IP address for a Radius request was used during sign-on policy evaluation.
  • OKTA-93994 – A forgot password API operation could not be performed on usernames containing an ampersand.
  • OKTA-94795 – The Okta browser plugin offered to change shared admin-managed passwords when users navigated to the Change Password page for the app.
  • OKTA-96941 – The user interface allowing admins to specify SAML IdP values (with Inbound SAML Enhancement) failed to display in Firefox.

App Integrations Fixes

The following SWA apps were not working correctly and are now fixed:

  • Adjust (OKTA-96248)

  • CT Lien Solutions (OKTA-96455)

  • FundFire (OKTA-96132)

  • Getty Images (OKTA-96911)

  • Google Play (OKTA-96910)

  • RedHat Customer Portal (OKTA-96454)

  • RedHat Portal Login (OKTA-96802)

  • Windows Azure (OKTA-96438)