Okta Production – Release 2015.44 Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Okta Production – Release 2015.44
Published: Nov 6, 2015   -   Updated: Jun 22, 2018

Okta Preview Sandbox (oktapreview.com) features from 2015.43 and 2015.44 have been combined and pushed to Production (okta.com). This deployment begins on November 5. For the latest information on our release schedule, see Current Release Status.

Check the version number at the bottom of your Okta Administrator page to see your current version. Clicking the version number takes you directly to the folder containing the release notes.

New Features

  • Okta is excited to present our new look! We've got a fresh logo, updated icons, and sleeker modals. We love it and hope you will too.User-added image
  • We have added a new Devices item to our Dashboard. Now admins can access information about mobile policies and OMM-enrolled devices in their org directly from this menu.

    User-added image

    Note: You can continue to access this information using the former navigation paths Security > Policies and Directory > Devices.

  • We have enhanced the Mobile Access settings in Okta for Android and iOS mobile apps. Now, in addition to the ability to activate or deactivate access to native applications, you can do the following:

    User-added image

    For more information, see Enabling Mobile Access to Applications.

    • Allow end users to install the app from the company app store. (Android and iOS) 
    • Prompt end users who have already installed an iOS mobile app on their own to allow their admin to manage the app. (iOS only.Note: This setting will be enabled when the app is updated in November.)
    • Prompt users to install the app on enrollment. (iOS only)
  • We are pleased to announce the Early Access (EA) release of our Social Identity Provider feature. This feature allows your end users to self-register with your custom applications by first authenticating through their existing social identity accounts, such as Facebook,Google, or LinkedIn. For new users of your custom app, Okta creates a Just In Time (JIT) Okta user profile based on attributes stored in their social profiles.

    User-added image

    Key benefits:

    Note: This is an Early Access feature; contact Okta support to enable it.

    • No need to build and maintain your own user database, engineer a sign-on and authentication infrastructure, or manage usernames and passwords.
    • Ensure quick and easy end-user self-registration to your custom applications.
    • Okta profiles are updated automatically when your users update their social profiles.
    • Users do not need to remember any additional passwords.

    For detailed instructions, see Social Authentication.

  • The mapping for countryCode from Okta to an Active Directory user now has a default value of zero (0), as shown below. This default change is for user convenience, as this attribute is required for legacy compatibility.

    User-added image

  • Admins can now specify an Okta username format during LDAP setup for usernames in their LDAP directory. Be sure the format you choose meets the Okta requirement that valid usernames be in an email format. Format options are shown below. For more information, see Installing and Configuring the LDAP Agent.

    User-added image

  • We have added a Destination field in the SAML Protocol Settings section of the Add Identity Provider dialog box. Admins can use this field to configure a SAML destination for authentication requests sent to the identity provider. The default value for the destination is the SSO URL for the identity provider. For more information, see Configuring Inbound SAML with Universal Directory Options.
  • We have improved settings on the Identity Providers page.
    • You can now activate and deactivate IdPs manually.

      User-added image

    • A new Configure dropdown menu combines editing and configuration functions.

      User-added image

  • Okta has added a new, security-focused sign-in option for SWA apps. Admins can choose to set all usernames and passwords for an app instance, after which the credentials are never exposed to their Okta end-users. This provides a more robust level of admin control. For details about this new feature, see Overview of Managing Apps and SSO.

    Note: This is an Early Access feature; contact Okta support to enable it.

  • We now log the following SAML Replay Cache events in the System Log:

    For more information, see Using the Okta Reports Page.

    • SAML responses containing a previously seen Assertion ID.
    • SAML responses with an InResponseTo attribute that doesn't match any key in the cache.
  • Okta has created additional diagnostics for configuring WS-Fed for an Office 365 app instance. Users no longer risk overwriting previous federation settings, as system logs now contain all previous data. This feature fixes OKTA-69893 under Bugs Fixes, below.
  • We are pleased to announce that support for the Finnish and Italian languages for the end user experience is now available. You can select these languages as the default language preference for your entire org. As always, your end users can choose their own language preference for their experience. The end user's preference overrides the org language preference. For more information, see Setting Language Preferences.
  • In addition to the AppInstance object type, system log events for SAML identity providers in the Okta Events API now include a new object type IdentityProvider that identifies the provider. For more information, see the Okta Events API.
  • The Devices page has been enhanced to allow you to filter by various attributes, display additional summary data, and search across multiple users and devices:
    • A new section available in Directory > Devices summarizes the information provided on the body of the page, as shown here.

      User-added image

    • In addition to displaying information about your mobile devices, the Devices page now displays details about device users, as shown here.

      User-added image
      For more information, see Managing Enrolled Devices.

Feature Summary

The following table summarizes new features and features that are enabled incrementally. Links in the Feature column point to additional documentation for that feature, if available. After the feature is fully released, it is no longer tracked in this table. For past release history, see Features by Release.

New Orgs
New Orgs
Existing Orgs
Existing Orgs
Social Identity Providers (EA)2015.442015.442015.442015.44
Default countryCode Mapping Value2015.442015.442015.442015.44
Specify Okta Username Format for LDAP2015.442015.442015.442015.44
SAML Destination Setting2015.442015.442015.442015.44
Credentials Set by Admin and Not Exposed to End Users2015.442015.442015.442015.44
Additional SAML Replay Cache Events Logged2015.442015.442015.442015.44
New Devices Menu2015.442015.442015.442015.44
Enhanced Mobile Access Settings2015.432015.432015.432015.43
Device Page Improvements2015.432015.432015.432015.43
Finnish and Italian Language Support2015.432015.432015.432015.43
Identity Provider object in the Events API2015.432015.432015.432015.43

Toolkit Support

Okta's current Confluence toolkit version 1.0.12 now supports Confluence on-prem versions 5.7.0, 5.7.3, 5.8.8, 5.8.9, and 5.8.10. For more information, see the Current Confluence Jar Version History.

Browser Support

On December 11, 2015, Okta will discontinue support for Microsoft® Internet Explorer 7 (IE7), as well as all versions of Compatibility View that represent IE7. After that date, Okta Customer Support will no longer investigate issues related to IE7. For more information about supported browsers, see Platforms Browser and OS Support.



We've implemented Provisioning for the AngelPoints app, including new user push, profile update push, and user deactivation and reactivation.


We've implemented SAML for the following Okta Verified application:

  • EventBoard (OKTA-64939)

  • goBalto (OKTA-61412)

  • Join.Me (OKTA-65712)

  • LogMeIn (OKTA-70575)

  • LogMeIn Accounts (OKTA-68917)

  • SignalFx (OKTA-70078)

We've implemented SWA for the following Okta Verified application:

  • American Funds Advisor Client Login

  • BlueStar (OKTA-71454)

  • Bushel (OKTA-71784)

  • CEB IT Leadership Council For Midsized
    Companies (OKTA-71912)

  • Dangerous Goods Advisory
    Council (OKTA-71920)

  • DevExpress (OKTA-71921)

  • eBridge (ePortal Login) (OKTA-71923)

  • Epicenter (OKTA-71922)

  • EventBeat (OKTA-71910)

  • Flock (OKTA-71779)

  • Gemfury (OKTA-71913)

  • Local Site Submit (OKTA-71783)

  • Status Hero (OKTA-71782)

  • TINT (OKTA-71780)

  • TopTal (OKTA-71925)

  • XcelHR - Employee (OKTA-70055)

  • Xirrus (OKTA-71907)

We've added the following Mobile application for use with Okta Mobility Management (OMM):

  • ArcGIS Online (OKTA-70709)

  • BambooHR (OKTA-66325)

  • Google Apps (OKTA-71678)

Bug Fixes

Bug numbers ending with an H are hotfixes. Hotfixes are generally deployed after the initial release.

  • OKTA-45613 – Fixed an issue in the Okta Users API in which the Change Password call did not work for AD users whose passwords had expired. Note: This issue was a hotfix in 2015.42. 
  • OKTA-53078 - Extended UD Inbound SAML with a configuration option for signing SAML authN requests.
  • ​OKTA-62829 – We have improved how we process API rate limits for the Yammer app by retrying the provisioning task after the rate limit window instead of failing the provisioning task.
  • OKTA-62994 – Fixed an issue that prevented users with manager push enabled from being provisioned to the Facebook at Work app if their manager was not already provisioned to the app.
  • OKTA-66926 – Fixed an issue that prevented importing the user's ZIP code (postalCode) value during LDAP data import.
  • OKTA-69893 – Fixed an issue in which users could inadvertently overwrite previous WS-Fed settings.
  • OKTA-69971 – Fixed an issue that prevented Okta from using the Single Logout ACS URL specified in the Enable Single Logout settings in the App Integration Wizard.
  • OKTA-70285 – Fixed an issue where end users were prompted to re-establish their Duo accounts when their passwords expired. This occurred for users of those orgs with the SAM Account Name format on the Duo page of Okta.
  • OKTA-70802 – Fixed an issue where saving the Transform username field in the Add Identity Providers screen incorrectly removed spaces and converted valid expressions to lowercase.
  • OKTA-70080 – Fixed an issue in which the Okta Verify push notifications for MFA did not work with the Okta RADIUS Agent.
  • OKTA-70409 – Fixed an issue in which the Profile Mappings dropdown menu in Universal Directory was cutting off options that appeared at the end of the list.
  • OKTA-70969 – Fixed an issue where Universal Discovery schema discovery failed to import fields from the Salesforce app marked as required.
  • OKTA-71032 – Fixed an issue where the fields for the summary count by platform and by device type on the Devices page were populated incorrectly.
  • OKTA-71127 – Fixed an issue in the Universal Directory Profile Editor where only a partial app list was visible to users.
  • OKTA-71162 – Fixed an issue in which changes made to the email template Password Reset by Admin were not saved.
  • OKTA-71816 – Fixed a minor UI alignment issue with the Jailbroken and the Deprovisioned icons on the Devices page.
  • OKTA-71825 – Fixed an issue where some apps assigned to a group were not provisioned to all group members.
  • OKTA-71866 – Removed the redundant User label that was displayed when viewing devices by user.
  • OKTA-71880 – Updated the icons for Windows and Android devices.
  • OKTA-72264 – Ensured that passwords changed through the API comply with password reuse rules.

The following SWA apps were not working correctly and are now fixed:

  • Addison Lee (OKTA-71550)

  • American Express Work (OKTA-70233)

  • aXes Terminal Session (OKTA-71559)

  • Axiom Travel (OKTA-70944)

  • Bomgar Self Service Center (OKTA-70942)

  • Buffer (OKTA-71444)

  • CareFirst (OKTA-70953)

  • Casto (OKTA-70940)

  • Clever (District Administrator Login)

  • Confirmationcom (OKTA-71549)

  • Dell Partner Direct (OKTA-70764)

  • Diigo (OKTA-70955)

  • Econsultancy (OKTA-71558)

  • Edmodo (OKTA-71552)

  • FlipKart (OKTA-71560)

  • HFMA (OKTA-70956)

  • Hightail (OKTA-71548)

  • IGOE Flex Account (OKTA-70441)

  • LegalZoom (OKTA-70954)

  • ManageEngine Password Manager Pro

  • Reddit (OKTA-71580)

  • The Australian (OKTA-70946)

  • TV2 SUMO (OKTA-70945)

  • WebEx Administration (OKTA-70948)

  • XO Business Center (OKTA-71554)

  • Zapper PaySonnel CE (OKTA-71553)