Okta Preview Sandbox – Release 2016.52 Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Okta Preview Sandbox – Release 2016.52
Published: Dec 28, 2016   -   Updated: Jun 22, 2018

Okta Preview Release 2016.52 began deployment on December 30. For the latest information on our release schedule, see Current Release Status.

Check the version number at the bottom of your Okta Administrator page to see your current version. Clicking the version number takes you directly to the folder containing the release notes.

User-added image

Version numbers indicate the year and week of the year that releases are pushed to orgs. For example, release 2016.02 was pushed the second week of 2016. The week numbers follow the ISO Week Date convention. 

Special Announcements

Two Plugin Features to be Enabled for All Orgs in December 

Until now, not all Okta end users have seen the following Okta plugin features. These features will be enabled for all orgs starting this month:

  • Automatic App Login – This feature enables the Okta browser plugin to recognize the login fields of apps that users navigate to directly, without going through the Okta Dashboard. Users can log in to more apps automatically, without needing to enter credentials. 
  • Save Password Banner – This feature displays a banner that offers to save passwords for most of the standard online apps that they visit. For more about this feature, see Adding an App from the Browser Plugin.

Changes to Okta Support for Android Mobile Operating System

Okta Mobile and Okta Verify currently support Android versions 4.0.4 and earlier, but our support for these versions ends on January 16, 2017. After that date, Okta will only support version 4.4.x and higher. Android for Work (AfW) is supported on Android 5.1.1 and higher. For more information, see Okta Support for Mobile Operating System Versions.

Chromium Mandatory Certificate Transparency Policy Impact on Android Devices

Certificate Authorities (CAs) Symantec and GeoTrust have yet to implement the Chromium Certificate Transparency policy. This means that Android devices running on some versions of Chrome 53 and 54 might refuse to accept certificates from these CAs. For more information, see Known Issue: Impact of Chromium Mandatory Certificate Transparency policy on Android devices.

Apple iOS 10 Upgrade Impact on Okta Mobility Management Password Sync

Users who have upgraded to iOS 10 should note the following: If you’re using Okta Mobility Management (OMM) to configure Exchange ActiveSync (EAS) profiles, a known issue has been introduced that affects OMM’s ability to perform Password Sync for EAS profile updates on iOS devices. For details and workarounds, see Known Issue: iOS10 upgrade impacts Okta Mobility Management (OMM) Password Sync.

What's New

Unless otherwise noted, these features are available for all organizations with release 2016.52.

  • We are pleased to announce the General Availability (GA) of our enhanced System Log. This enhancement replaces the Okta System Log, located at Security > System Log in your Okta admin dashboard. We are rolling this feature out to all customers gradually over the next few weeks and plan to finish in March 2017. If you would like to receive this functionality sooner, contact Okta Support.

  • To improve usability, we have changed of the name of SCIM UserAgent from OKTA SCIM Integration to Okta SCIM Client <version>. The current agent is named Okta SCIM Client 1.0.0.

Platform Release Notes

Changes to the platform for this release are published in the Platform Release Notes on http://developer.okta.com.

Application Updates

We've enhanced the following application integrations:

  • Jobvite now supports SP-initiated flows.
  • We have updated the Workplace by Facebook app by removing the Send Email Claim checkbox on the Provisioning tab, as it was a legacy feature. See the Workplace by Facebook Provisioning Guide for more details.

We've implemented SWA for the following Okta Verified application:

  • DonanApparel (OKTA-111042)


We've implemented SAML for the following Okta Verified application:

  • OfficeSpace Software (OKTA-109183)


We've implemented SAML for the following Community Created applications:

  • CircleHD (OKTA-109001)

  • EpicCareLink (OKTA-103272)

  • OPSWAT Gears (OKTA-109965)

  • VenioONE (OKTA-107354)

We've changed Signature/Digest algorithms from SHA1 to SHA256 for the following SAML apps:

  • 15five (OKTA-110542)

  • Peoplefluent (OKTA-111144)

  • Reflektive (OKTA-109700)

Bug Fixes

Bug numbers ending with an H are hotfixes. Hotfixes are typically deployed after the initial release.

Product Bug Fixes

The following issues are fixed:

  • OKTA-69342 – Updating user profiles from WorkdayOktaActive Directory (AD) failed in Workday-mastered orgs in which the AD attribute pwdLastSet was mapped to Okta using Attribute Level Mastering. This was part of a broader problem (now fixed) where the Attribute Level Mastering feature failed if one of the attributes in the user's profile was mastered in AD.
  • OKTA-100446 – Accessing the Sign On tab of an inactive Radius-enabled app failed.
  • OKTA-104235 – The On Prem Provisioning Agent did not process special characters correctly.
  • OKTA-106671 – The uploaded Encryption Certificate for a SAML app was incorrectly shown as Expired.
  • OKTA-108635 – Requests for WS-Fed sign on for a SWA configured Office 365 app instance did not display appropriate error messages.
  • OKTA-109771 – Read-only user attributes could be changed when Inherit from AD was selected.

App Integrations Fixes

The following SWA apps were not working correctly and are now fixed:

  • BuySellAds (OKTA-110834)

  • Mailjet (OKTA-110789)

The following SAML apps were not working correctly and are now fixed:

  • Airwatch User Portal (OKTA-105747)

  • Dropbox Business (OKTA-108094)