Okta Production – Release 2016.14 Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Okta Production – Release 2016.14
Published: Apr 12, 2016   -   Updated: Jun 22, 2018

Okta Production Release 2016.14 began deployment on April 11. For the latest information on our release schedule, see Current Release Status.

Check the version number at the bottom of your Okta Administrator page to see your current version. Clicking the version number takes you directly to the folder containing the release notes.

User-added image

New Features

  • Okta is pleased to announce a new, two-factor-only authentication (2FA) option for the Okta RADIUS agent, allowing you to secure your Amazon Workspace or Workdocs account(s) with a second factor. End users can sign into AWS with their password and any supported factor they have registered with Okta. For details, see Configuring the Okta Radius Agent. This feature is Early Access (EA); please contact Okta Support to enable it.

  • We are pleased to announce the release of our Private App Store for iOS. This feature allows admins to upload internally developed iOS enterprise apps to Okta and distribute them via Okta Mobility Management (OMM). Private App Store provides more details. This feature is best experienced on Okta Mobile 4.7.0 for iOS which is planned for release later this week. This feature is EA; please contact Okta Support to enable it.

  • We have improved the Okta Mobile post-enrollment landing page for iOS devices. This redesigned page appears after a successful enrollment in OMM and notifies users that they may receive prompts as part of finalizing the enrollment process.

    User-added image

  • We have enhanced the Okta Mobile (iOS) user experience for app installation cancellations and failures. Now, there is only a minimal delay in refreshing the Mobile App Store page after a failed or cancelled app installation.

  • For orgs with the New Okta Sign-In Experience enabled (EA), we have added the option Trust this device to the MFA challenge screen. Selecting the option configures Okta to remember your end users' devices for the period of time specified in your org's Configuring Sign On Policies

    User-added image

  • When a user logs in using WS-Federation, the username is now automatically populated with the Okta username resolved from Office 365. This feature is EA; please contact Okta Support to enable it.

  • You can now integrate your app using OpenID Connect. Web, native, and SPA apps are supported. For more information, see Using OpenID Connect.

    User-added image

  • Support for displaying rate limit alerts in the System Log is now Generally Available (GA) for all orgs. For more about the system log, see Using the Okta Reports Page.

Okta Developer Platform

OpenID Connect Workflows

Use the EA release of Okta's next-generation SSO platform with Using OpenID Connect to build applications that use new client technologies such as JavaScript-based applications or native mobile apps.

OpenID Connect is a lightweight alternative to the SAML 2.0 Authentication Request Protocol that extends the OAuth 2.0 Authorization Framework with a simple, standardized identity layer that is optimized for modern client technologies. For more information, see OpenID Connect.

Widget Version 1.2

Customize your users' login experience with Okta's Sign in Widget SDK version 1.2, with support for social authentication and OIDC. Authenticate users on any web site, implement MFA, self-service password reset, and other capabilities.

Version 1.2 is Generally Available (GA). For more information, see Okta Sign-In Widget.

New API Request Header

The X-Okta-Request-Id header returns the request ID in every response. Use it for debugging. It also allows you to correlate with the system log. This header is GA. For more information, see Design Principles.

Documentation for the Okta Developer Platform is available at http://developer.okta.com.

Incremental Features Summary

The following table summarizes features that are enabled incrementally. Links in the Feature column point to additional documentation for that feature, if available. After the feature is fully released, it is no longer tracked in this table. For release history of all features, see Features by Release.

New Orgs
New Orgs
Existing Orgs
Existing Orgs
Enhanced Automatic App Login (Plugin)2015.462015.46      –      –

Toolkit Update

We have upgraded the Okta JIRA Authenticator to version 2.0.1. This release provides support for JIRA on-prem versions (Core and Software), and (Service Desk). For installation and configuration instructions, see Using the JIRA On-Premises SAML App. To obtain the latest JIRA Authenticator, visit the Okta Downloads page. For the toolkit version history, see Current JIRA JAR Version History.

Browser Support

On April 15, 2016, Okta will discontinue support for Microsoft® Internet Explorer 8 (IE8), as well as all versions of Compatibility View that represent IE8. After that date, Okta Customer Support will no longer investigate issues related to IE8. For more information about supported browsers, see Platforms, Browser, and OS Support.



We've implemented SAML for the following Okta Verified applications:

  • Highfive (OKTA-75178)

  • YourCause (OKTA-74217)

We've implemented SAML for the following Community Created application:

  • Knack (OKTA-83599)


We've implemented SWA for the following Okta Verified applications:

  • DSI (OKTA-82753)

  • GKG (OKTA-83638)

  • Hub Planner (OKTA-81645)

  • Maxwell Health (OKTA-81648)

  • Mutual of Omaha (OKTA-84914)

  • SIMON (OKTA-82711)

  • Sucuri (OKTA-81660)

  • Typeless (OKTA-83470)

We've added the following Mobile applications for use with Okta Mobility Management (OMM):

  • Bing Ads (OKTA-85215)

  • PlanSource Benefits (OKTA-85509)

  • PlanSource HR Portal (OKTA-85597)

  • PlanSource HRHQ (OKTA-85598)

  • PlanSource InfoCenter (OKTA-85599)

Bug Fixes

Bug numbers ending with an H are hotfixes. Hotfixes are generally deployed after the initial release.

The following issues are fixed:

  • OKTA-79714 – User searches by email address did not work properly.
  • OKTA-82141 – User import conflicts from Box into Okta could not be resolved by specifying the Okta user.
  • OKTA-82216 – Passwords were not set for some Active Directory user accounts created by Okta.
  • OKTA-83221 – The User Admin role incorrectly allowed modification to Directory Master profiles.
  • OKTA-83729 – The Group Rules screen could only display a maximum of 100 users.
  • OKTA-84410 – Okta failed to sync Okta user passwords to Active Directory.
  • OKTA-84613 – Okta Mobile failed with an illegal character error for some users with a Radius sign-on authentication policy.
  • OKTA-84990 – On the People page of the Admin UI, the Additional Attributes panel for social authentication users was displayed erroneously.
  • OKTA-85171 – When first logging into Microsoft Office 365, the calendar link incorrectly directed users to the mail client.
  • OKTA-85449H – Removed a potential cross-site scripting vulnerability from an error message.
  • OKTA-86094 – Some User Admins could not reset MFA for their users.
  • OKTA-86183 – Full imports from Active Directory to Okta failed under certain circumstances.
  • OKTA-86554 – Synchronization with Microsoft O365 did not complete under certain circumstances.

The following SWA apps were not working correctly and are now fixed:

  • Teladoc (OKTA-85172)

  • Dialpad (OKTA-84099)

  • AccessAudi (OKTA-84655)

  • ASQ (OKTA-85177)

  • Bank of America (OKTA-85181)

  • Bing Ads (OKTA-73689)

  • British Gas (Consumer) (OKTA-85180)

  • BVS Performance Solutions

  • CrashPlan (OKTA-85173)

  • In Honda (OKTA-84647)

  • ISNetworld (OKTA-85176)

  • Recreation.gov (OKTA-85179)

  • Sylvania (OKTA-83783)

  • VinConnect (OKTA-84652)

The following SAML apps were not working correctly and are now fixed:

  • Samanage (OKTA-85537)

  • SuccessFactors (OKTA-85443)