When you delete a team, all Request Types and associated requests are also deleted from the Access Requests console. You can no longer view the deleted requests in the Access Requests console. You can only view them from the Past Access Requests report.
Fixes
Identity Governance
An error occurred when importing group owners for AD groups if queries exceeded a maximum number of entities. (OKTA-540040)
Access Requests
Some customers were unable to edit or save Request Types.
When users were assigned the access requests administrator role through group assignments, they were unable to perform admin-specific tasks. (OKTA-581692)
Release: 2023.03.1
Features and enhancements
Access Requests
Settings page update
The Settings page user interface has been updated to improve user experience and the following tabs have been added:
Resources
Configuration lists
Pushed groups
The following terms have also been updated to improve clarity and reduce confusion:
Resource lists synced directly from an integration are called Resources.
Sublists and admin-defined configuration lists are called Configuration lists.
Some group owners didn't receive an email notification when they were assigned an approval task in a Request Type.
Release: 2023.03.0
Features and enhancements
Identity Governance
Group owner functionality for Universal Directory available in Production environments
Admins can now view and manage the owners of a group in OktaUniversal Directory. A group can have a maximum of 10 owners. This feature allows you to manage resource owners centrally when the resource ownership changes, and reduces the need to update your configurations manually. See Group ownership.
Import group owner information from AD available in Production environments
Admins can now import the group ownership information from AD to Okta Directory using full or incremental imports. The group owner is extracted from a managedBy attribute in AD user profile.
This feature reduces the need to manually define group owners for AD-sourced groups that have been imported to Okta. See Import group owner from Active Directory.
Access Certifications
Additional reviewer type options available in Preview environments
While creating or editing an Access Certification campaign, now you can select one of the following options from the Select reviewer type dropdown menu.
A specific user
User's manager
Group
Group owner
Define using Okta Expression Language
This feature allows you to select a Group and Group owner as reviewer types. As a result, you can take the following actions:
Assign reviews to multiple users at the same time to make review decisions when you have multiple application owners or a reviewer might be out of office.
Leverage the same Okta group that you use in Access Requests in Access Certifications as well. This also minimizes the need to manually update reviewers in campaigns when the reviewers change.
Now you can assign group owners as task assignees or approvers in a Request Type. This feature allows you to create a single Request Type instead of multiple Request Types when you need to reference groups with different group owners as approvers. See Create a Request Type and Group ownership.
Release: 2023.02.1
Features and enhancements
Access Requests
Change to new Request Types
For new Request Types, you can no longer select an integration’s source list as a Configuration items value for questions and conditional logic. While it’s not recommended, you can still use source lists for tasks in a Request Type.
Existing Request Types that use source lists are unaffected with this change because the system creates reusable sublists for them.
Fixes
Access Requests
You could configure a Request Type to use applications and groups that weren't available for your team.
Release: 2023.02.0
Features and enhancements
Identity Governance
Group owner functionality for Universal Directory available in Preview environments
Admins can now view and manage the owners of a group in OktaUniversal Directory. A group can have a maximum of 10 owners. This feature allows you to manage resource owners centrally when the resource ownership changes, and reduces the need to update your configurations manually. See Group ownership.
Import group owner information from AD available in Preview environments
Admins can now import the group ownership information from AD to Okta Directory using full or incremental imports. The group owner is extracted from a managedBy attribute in AD user profile.
This feature reduces the need to manually define group owners for AD-sourced groups that have been imported to Okta. See Import group owner from Active Directory.
Access Certifications
UI enhancements
For active campaigns, the Review details view is now available as a panel next to the review item. As well, the Reviewer and status details section has been updated and split into Reviewer details and Certification details sections. See View the progress of an active campaign.
Release: 2023.01.2
Fixes
Access Requests
Some requests didn't resolve automatically when access was granted to two apps or groups at the same time.
Some task approvers couldn’t take action from the email notification because the email didn’t contain the Open Tasks section.
Sometimes second-level approvers didn’t receive a Slack notification when a request was assigned to them.
Release: 2023.01.1
Features and enhancements
Access Requests
Remove Request Action menu
Admins can no longer manually overwrite the original request using the Request Action menu in the header panel.
Release: 2023.01.0
Features and enhancements
Access Certifications
UI enhancements
For Access Certifications campaigns, the user, group, and app dropdown menus now display an icon next to each selection. In addition, the group dropdown menu now displays the number of assigned users and apps, and the app dropdown menu now displays the app status and the app ID.
Since a user, group, or an app name isn't always unique, this enhancement provides more context to you for the resources you select. As well, these enhancements allow you to configure campaigns for the correct users, groups, and apps.
Additional reviewer type options available in Preview environment
While creating or editing an Access Certification campaign, now you can select one of the following options from the Select reviewer type dropdown menu.
A specific user
User's manager
Group
Group owner
Define using Okta Expression Language
This feature allows you to select a Group and Group owner as reviewer types. As a result, you can take the following actions:
Assign reviews to multiple users at the same time to make review decisions when you have multiple application owners or a reviewer might be out of office.
Leverage the same Okta group that you use in Access Requests in Access Certifications as well. This also minimizes the need to manually update reviewers in campaigns when the reviewers change.
When adding users to a team, you can now view a user’s email address in addition to their name in the Add team members dialog. This allows you to pick the correct user when you have multiple users with the same name.