Okta Preview Release 2016.34 began deployment on August 23. For the latest information on our release schedule, see Current Release Status.
Check the version number at the bottom of your Okta Administrator page to see your current version. Clicking the version number takes you directly to the folder containing the release notes.
Version numbers indicate the year and week of the year that releases are pushed to orgs. For example, release 2016.02 was pushed the second week of 2016. The week numbers follow the ISO Week Date convention.
Important Notice for AD Integrations Using Federated Profiles
If your Okta Active Directory (AD) integration uses Federated Profiles, you should update to the latest GA version of the Okta AD agent. Beginning April 21, 2016, Okta automatically migrated all orgs that use the Federated Profiles option to the Okta enhanced AD integration, which requires agent version 3.0.8 or higher. If your Okta AD agent is earlier than version 3.0.8, following the migration your organization may experience inconsistent behavior, including loss of groups and group memberships.
To identify orgs running Federated Profiles, see Determining Your AD Integration Type.
For download and installation instructions, see Installing and Configuring the Active Directory Agent.
Note: If you run multiple Okta AD agents, upgrade all agents on your domain servers to the same version. Running different versions of the AD agent can cause all of them to function at the level of your oldest agent.
Unless otherwise noted, these features are available for all organizations with release 2016.34.
An Admin link is now available in the Your Apps dialog when an admin is logged in to Okta. The link allows admins to jump immediately to the Admin Dashboard. This is an Early Access (EA) feature; to obtain it, contact Okta Support. For more information, see About the Browser Plugin.
We have removed the option Exclude AD username update from the Create Users section of the Active Directory Settings page. You can still configure this functionality by changing how these attributes are mapped in the Profile Editor. For details, see About Universal Directory.
Note: This change does not apply to existing orgs that have the Exclude AD username update option enabled.
Realtime Sync from Workday now supports auto activation of new users. See Configuring Provisioning for Workday for more information.
Browser Plugin Updates
We have updated the Okta plugin for the Firefox, Internet Explorer (IE), and Safari browsers to version 5.8.0 for EA users. This release provides the following:
Firefox, IE, and Safari
Support for the Admin link (EA) in the Your Apps dialog (described in What's New above).
- Fixed an issue in which browsers running Okta IE plugin version 5.6.3 became non-responsive when accessing SharePoint 2013.
- Implemented several security enhancements.
To obtain EA plugin version 5.8.0, contact Okta Support. For plugin version history, see Browser Plugin Version History.
Platform Release Notes
Changes to the platform for this release are published in the Platform Release Notes on http://developer.okta.com.
Incremental Features Summary
There are no incremental features to announce this week.
We've implemented SAML for the following Okta Verified application:
We've implemented SWA for the following Okta Verified application:
We've added the following Mobile applications for use with Okta Mobility Management (OMM):
We've changed Signature/Digest algorithms from SHA1 to SHA256 for the following SAML apps:
Bug numbers ending with an H are hotfixes. Hotfixes are generally deployed after the initial release.
Product Bug Fixes
The following issues are fixed:
- OKTA-83497 – Yammer email invitations for external networks were not sent if provisioned by Okta.
- OKTA-92338 – New sign in flows failed to display password requirements to end users.
- OKAT-92460 – Under certain circumstances, ServiceNow provisioning failed.
- OKTA-94207 – The Replicon app did not import the correct username into Okta.
- OKTA-95714 – The search function failed when assigning an AIW app to the Application Administrator role.
- OKTA-96281 – User Profile properties could be removed via the Profile Editor even if they were referenced as a matchAttribute in SAML IdPs.
- OKTA-96335 – Identity Providers configured to look up IdP usernames by Okta username or email failed to return a valid match if the username was in both the username and email and a second user existed with the same email but different username.
- OKTA-96392 – API credentials validation failed during provisioning for the Confluence On-Prem app.
- OKTA-96984 – When an end-user enrolled a second device in OMM, Okta re-pushed VPN and EAS profiles to all devices that were already enrolled.
- OKTA-97692 – End users could not delete their mobile phone number in Settings > Forgot Password Text Message.
- OKTA-98290 – Adding a private mobile app–configured to allow installation from the company app store–to an existing app created with the App Integration Wizard, resulted in the chiclet disappearing from the end user’s Home page.
- OKTA-98650 – Internal custom apps that were successfully installed on end user devices could not be managed.
- OKTA-98456 – Running ProvisioningUserJob ahead of its scheduled time failed.
- OKTA-98631 – Some customers with policies containing groups experienced unexpected behavior in certain user flows such as the login flow.
- OKTA-98701 – Filtering on Event Type, Message, or Outcome failed in the new System Log (EA).
- OKTA-98847 – Renewing an APNS certificate caused iOS push notifications to fail.
App Integrations Fixes
The following SWA apps were not working correctly and are now fixed:
The following SAML apps were not working correctly and are now fixed:
The following Mobile app was not working correctly and is now fixed: