Okta Identity Governance release notes

Export Okta Identity Governance reports in PDF format is generally available in Preview environments

You can now export Okta Identity Governance reports to PDF. When exporting, you can also select specific columns to include in the report.

Entitlement history is generally available in Preview environments

Admins can now access a user's entitlement history. This feature improves auditing and compliance tasks and enhances visibility for troubleshooting access issues. See View user entitlements.

Resource owners is generally available in Preview environments

Assign owners to groups, apps, entitlements, and entitlement bundles. This feature allows you to automatically route access request steps and access certification campaign reviews to the correct stakeholder, improving the efficiency and accuracy of your governance processes. It also helps ensure that the right stakeholder is always involved in access decisions without requiring manual updates to your configurations.

• Access Requests

  When configuring approval sequences in access request conditions, you can now assign approvals, tasks, or questions directly to resource owners. Configure an approval sequence.

• Access Certifications

  When creating certification campaigns, you can now select the Resource Owner as the designated reviewer. See Certification campaign reviews.

See Resource owners.

Resource labels is generally available in Preview environments

Define labels for resources across Okta to enable better visibility, filtering, and automation within Access Certifications when you scope and maintain campaigns. See Resource labels.

Auditor reporting package is generally available on Production environments

Use this feature to automatically generate access certification campaign reports, which are tailored to meet auditor requirements. These reports make preparing for compliance audits faster and easier by reducing the time and manual effort required for assembling and exporting campaign and user access data. See Auditor reporting package.

Governance delegates is generally available in Production environments

You can set delegates for users or allow users to specify another user as a delegate to complete governance tasks for them. Governance tasks include access certification campaign review items and access request approvals, questions, and other tasks. After a delegate is specified, all future governance tasks (access request approvals and access certification reviews) are assigned to the delegate instead of the original approver or reviewer. This helps ensure that governance processes don't stall when approvers are unavailable or tasks need to be rerouted to a different stakeholder for a long period. It also reduces the time spent in reassigning requests and reviews manually. See Governance delegates.

New System Log event

The governance.settings.update System Log event is fired when super admins update the delegate settings to allow or block users from assigning their own delegate.

Changes to access request notifications

To ensure conversations are displayed consistently across platforms, messages sent within an access request from the web app now automatically appear for the message sender in the corresponding Slack or Microsoft Teams chat. This reduces confusion for the message sender around the messages associated that are with a request.

Changes to the Past Access Requests (Conditions) report

The Request subject column has been removed from the Past Access Requests (Conditions) report.

• Sometimes the Request access button wasn't available after you enabled the Unified Requester Experience feature if the org didn't have any access request conditions configured. (OKTA-1032205)