Okta Production Release 2016.50 began deployment on December 19. For the latest information on our release schedule, see Current Release Status.
Check the version number at the bottom of your Okta Administrator page to see your current version. Clicking the version number takes you directly to the folder containing the release notes.
Version numbers indicate the year and week of the year that releases are pushed to orgs. For example, release 2016.02 was pushed the second week of 2016. The week numbers follow the ISO Week Date convention.
Save Password Plugin Feature Enabled for All Orgs
Until now, not all Okta end users have seen the Okta banner that offers to save passwords for most of the standard online apps that they visit. But starting this month, this plugin-provided feature will be enabled for all orgs. For more about this feature, see Adding an App from the Browser Plugin.
Changes to Okta Support for Android Mobile Operating System
Okta Mobile and Okta Verify currently support Android versions 4.0.4 and earlier, but our support for these versions ends on January 16, 2017. After that date, Okta will only support version 4.4.x and higher. Android for Work (AfW) is supported on Android 5.1.1 and higher. For more information, see Okta Support for Mobile Operating System Versions.
Apple iOS 10 Upgrade Impact on Okta Mobility Management Password Sync
Users who have upgraded to iOS 10 should note the following: If you’re using Okta Mobility Management (OMM) to configure Exchange ActiveSync (EAS) profiles, a known issue has been introduced that affects OMM’s ability to perform Password Sync for EAS profile updates on iOS devices. For details and workarounds, see Known Issue: iOS10 upgrade impacts Okta Mobility Management (OMM) Password Sync.
Unless otherwise noted, these features are available for all organizations with release 2016.50.
We have improved the performance of our new System Log (Early Access) by limiting free form searches to 10 words, each of which can contain up to 40 characters.
Okta Mobility Management (OMM) for the MacOS (OS X) platform is now Generally Available (GA). OMM for MacOS enables customers to apply lightweight management and security controls on MacOS devices with easy self-enrollment for end users. For more information, see OMM – MacOS Management.
Support for the Polish and Malay languages for the end user experience is now available to all customers in beta format. You can select the default language preference for your entire org, and your end users can select a different language preference for their own experience. The end user's preference overrides the language set for the org. For more information, see Setting Language Preferences.
We've updated the text in the Client authentication section of the Client Credentials dialog box to help clarify the difference between the available options. For more information, see the OpenID Connect Wizard.
Browser Plugin Updates
- The phased GA rollout of the Internet Explorer (IE) browser plugin version 5.9.2 that we began on November 14, 2016 is ongoing. This version fixes an issue that prevented the IE plugin from working with our EMEA production environment and also provides performance and security enhancements. Okta strongly recommends that you install the plugin if prompted to do so. If you have any questions or concerns following the upgrade, contact Okta Support.
- We have updated the Okta plugin for the IE browser to version 5.9.3 for EA users. This release provides performance and security enhancements. To obtain this version, contact Okta Support.
- The Okta plugin version 5.9.0 for the Firefox browser is now GA. This release provides internal improvements.
- We have updated the Okta plugin for the Firefox browser to version 5.9.3 for EA users. To obtain this version, contact Okta Support. This release provides the following:
For version history, see Browser Plugin Version History.
We have updated the Okta JIRA authenticator to version 1.0.14 for JIRA On-Prem 6.x.x. This version provides the following:
- To allow orgs to use JIRA native authentication instead of Okta SAML authentication, we support whitelisting service provider URLs (such as the servicedesk/customer/portal endpoint) in the okta-config-jira.xml file.
- Fixed an issue in which credential-based authentication (basic auth) against the JIRA Software API returned an empty response in orgs with the Okta JIRA authenticator installed.
Note: These updates were also made to version 2.0.3 of the JIRA authenticator for JIRA On-Prem 7.x.x in release 2016.45.
For more information, see Using the JIRA On-Premises SAML App and Current JIRA JAR Version History.
Platform Release Notes
Changes to the platform for this release are published in the Platform Release Notes on http://developer.okta.com.
Incremental Features Summary
The following table summarizes features that are enabled incrementally. Links in the Feature column point to additional documentation for that feature, if available. After the feature is fully released, it is no longer tracked in this table. For release history of all features, see Features by Release.
We've implemented SWA for the following Okta Verified applications:
We've implemented SAML for the following Okta Verified applications:
We've changed Signature/Digest algorithms from SHA1 to SHA256 for the following SAML apps:
Cherwell OnDemand (OKTA-109125)
OfficeSpace Software (OKTA-109704)
Silkroad RedCarpet (OKTA-109118)
Bug numbers ending with an H are hotfixes. Hotfixes are typically deployed after the initial release.
Product Bug Fixes
The following issues are fixed:
- OKTA-103600 – When editing an app's SAML settings, the app's Label reverted to a previous value.
- OKTA-103655 – After an app was deactivated, its Sign On tab displayed a 404 error and other tabs also had display issues.
- OKTA-104054 – Group Push sometimes failed and were not automatically retried.
- OKTA-106535 – A private app validation failed due to extra provisioning profiles in the uploaded .ipa file.
- OKTA-106713 – In orgs using the Okta Org2Org app, updating a user profile in the initial org overwrote the user's custom attributes in the secondary org.
- OKTA-107066 – End-user instructions on the Settings page for setting up the Voice Call MFA option were unclear.
- OKTA-108874 – Duplicated MDM exchange certs impacted Okta Mobile app performance and caused the app to drain phone battery life.
- OKTA-109011 – Preview orgs with MFA Softlock for Del Auth enabled were unable to unlock Active Directory users.
- OKTA-109200H – Forcing Okta Mobile to close caused apps configured for per-app MFA to fail when DUO was the selected factor and the username format was samAccountName.
- OKTA-109698 – Some scheduled and/or incremental imports failed to pick up new users.
App Integrations Fixes
The following SWA apps were not working correctly and are now fixed:
The following SAML apps were not working correctly and are now fixed: