Okta Access Gateway Release Notes
Okta Access Gateway GA
| Latest version: | 2020.7.1 |
| Deployment date: | 7-7-2020 |
| Download: |
via Admin Console (Settings > Downloads) |
Release Summary
Okta Access Gateway 2020.7.1 is now Generally Available. This release includes new features, bug fixes, and both new and updated documentation.
Features
- Administrators can now assign IP addresses and routes to network interfaces.
For more information see Managing network interfaces and overview of about network interfaces.
Enhancements
- Documentation of events for Access, Audit and Monitoring has been expanded and improved. See also About Access Gateway logs
- Documentation added for Log forwarding Trouble Shooting and Frequently asked questions.
- Documentation added for Managing network interfaces and overview of about network interfaces.
- Documentation added for copying Microsoft Azure disks for use with high availability.
- Documentation added for creating Microsoft Azure load balancers.
- Documentation added for creating AWS EC2 load balancers.
- Documentation for application behaviors has been updated and now includes state diagrams.
- Documentation added for Qlik applications.
- Documentation for Oracle EBS applications has been expanded to include Oracle side configuration.
Fixes
- OKTA-270300 - In some situations, the Access Gateway Management console didn’t accurately reflect the latest updates.
- OKTA-270924 - After upgrading to the latest version of Okta Access Gateway, the child menu elements in the Access Gateway Management console still displayed the previous version number.
- OKTA-294411 - After restoring from a previous backup to a new instance of Okta Access Gateway, the Access Gateway Admin UI console displayed an error message “Admin UI has invalid token.”
- OKTA-297153 - Attributes weren't correctly persisted to LDAP data stores during concurrent updates.
- OKTA-303208 - During upgrades benign errors were displayed.
- OKTA-303956 - When using the Access Gateway Management console, admins were able to enter invalid DNS entries.
- OKTA-304058 - When checking advanced policy during a session timeout where a session integrity check failed, an incorrect error code was returned.
- OKTA-306020 - After upgrading from Access Gateway 2020.1.0 to 2020.6.3, Admins were unable to login to the Access Gateway Admin UI console. This also happened when upgrading from 2019.4.2 and 2019.4.5 to 2020.6.3.
- OKTA-309427 - The default Access Gateway error page had a typo.
Okta Access Gateway EA
See the Okta Access Gateway 2019.2.0 EA release history for complete details.
Okta Access Gateway 2020.6.3
| Version: | 2020.6.3 |
| Deployment date: | 6-3-2020 |
| Download: |
via Admin Console (Settings > Downloads) |
Release Summary
Features
- Administrators can now delete and rename backups in the Access Gateway Admin UI console.
For more information see Manage backups.
Enhancements
- Access Gateway documentation as a whole was restructured to improve structure and usability.
- Documentation added for Oracle Application Express applications.
- Documentation added for Oracle Forms applications.
- Documentation added for including JavaScript into pages to support AJAX session timeout handing. See Advanced Access Gateway Policy Examples.
- When downloading backups, administrators can now choose to hide or show passwords.
Fixes
- OKTA-254374 - When localhost was configured as the DNS nameserver, the Command Line Management Console displayed the loopback address instead of the hostname.
- OKTA-286718 - Adding a high availability worker node to an Access Gateway cluster failed with an initialization error.
- OKTA-288224 - When an Access Gateway disk was at or near full capacity, the SNMP agent stopped working.
- OKTA-295495 - Duplicate log entries were created when some SNMP error messages were incorrectly marked as INFO instead of ERROR.
- OKTA-295590 - In some situations, during initial session creation when submitting forms, Access Gateway would redirect GET requests as POST requests.
- OKTA-298878 - When trying to remove an LDAP data store on the Access Gateway console, some data stores incorrectly reported their status as in use.
- OKTA-298939 - On high availability clusters, worker node events were missing when capturing log events using system loggers.
Okta Access Gateway 2020.5.5
| Version: | 2020.5.5 |
| Deployment date: | 5-5-2020 |
| Download: |
via Admin Console (Settings > Downloads) |
Features
- Administrators can now backup and restore Okta tenant, application, data store and related configuration.
For more information see, Backup and restore, Manage backups, and Perform restores.
Enhancements
- Documentation added for Oracle Hyperion applications.
- Documentation added for Oracle BI Enterprise Edition applications.
- Documentation added for Oracle Demantra applications.
- Target specific download links added for Amazon EC2, Microsoft Azure, and VMWare virtual environments.
- User authentication events are now written to logs.
Fixes
- OKTA-283885 - In some situations, the Network Connectivity Test in the command console would fail with an invalid host name error for valid hosts.
- OKTA-290632 - Access Gateway didn't honor the maximum session duration setting. Some sessions were still valid after the maximum session duration was exceeded.
- OKTA-291181 - When there was no user session and the behavior Force reauthentication at IdP was enabled, reauthentication didn't occur as expected.
Okta Access Gateway 2020.4.4
| Version: | 2020.4.4 |
| Deployment date: | 4-8-2020 |
| Download: | via Admin Dashboard (Settings > Downloads) . |
Features
- Forwarding log events to syslog systems, such as Graylog, is now available.
For more information see Administering Log Forwarding. - Administrators can now download all Access Gateway log files.
For more information see Download logs, and About Access Gateway logs.
Enhancements
- Documentation added for Oracle Application Express applications.
- Documentation added for Oracle Forms applications.
- Documentation added for Oracle WebCenter applications.
Fixes
- OKTA-275433 - When importing attributes in datastore’s, commas were inserted at the start and end of the attribute list. Removing the commas resulted in a partial list.
Okta Access Gateway 2020.3.3
| Version: | 2020.3.3 |
| Deployment date: | 3-3-2020 |
| Download: | via Admin Dashboard (Settings > Downloads) . |
Enhancements
- Documentation added for Oracle Access Gate application.
- Documentation added for Oracle WebLogic application.
- Documentation added for Okta Access Gateway One Day Admin tutorial.
Fixes
- OKTA-275362- When modifying the field list in an existing LDAP datastore, removing all fields resulted in a field list with a single non-editable field with a blank name.
- OKTA-278510 - When initially accessing the Access Gateway command line console, the string "Repodata is over N weeks old. Install yum-cron? Or run yum makecache fast." was inadvertently displayed.
- OKTA-280578 - After upgrading from Access Gateway version 2020.01.0 or earlier, configuring high availability through the command line console caused the console to stop responding.
- OKTA-280615 - After upgrading from Access Gateway version 2020.1.0 or earlier, when attempting to place an application in maintenance mode, the Admin Console would redirect to the application page rather than the maintenance page.
Okta Access Gateway 2020.2.1
| Version: | 2020.2.1 |
| Deployment date: | 2-13-2020 |
| Download: | via Admin Dashboard (Settings > Downloads) . |
Features
- High Availability is now available.
Enhancements
- Documentation updates for Adding Kerberos Applications and Adding Oracle PeopleSoft Applications.
- Documentation added for Adding Oracle JD Edwards Applications.
- Documentation added for Configuring High Availability.
- Documentation added for Access Gateway One Day Administration.
- Documentation added for Add an Oracle WebLogic Server Application.
Fixes
- OKTA-257420 - When the system time was updated through the Okta Access Gateway command line console, the User-Defined Cookie Domain value and Access Gateway Hostname values were reset.
- OKTA-274930 - The Unbound networking service log events weren't being captured to the syslog.
- OKTA-274975 - When using the Admin Console to create or update EBS applications in high availability clusters, the changes weren't propagated to worker nodes.
- OKTA-275416 - When performing updates on worker nodes in high availability clusters, the bootstrap process produced an invalid configuration causing the node not to start.
- OKTA-275757 - The Okta Access Gateway update process deleted the high availability configuration file on admin nodes.
- OKTA-276986 - When using the Admin Console to configure datastore definitions in high availability clusters, definitions with names that contain spaces weren't synchronized with worker nodes.
Okta Access Gateway 2020.1.0
| Version: | 2020.1.0 |
| Deployment date: | 1-08-2020 |
| Download: | via Admin Dashboard (Settings > Downloads) . |
Features
- Documentation is enhanced for examples applications.
Enhancements
- Documentation added on administering Application Behaviors. For more information see About application behaviors
- Documentation added on administering Advanced Policies. For more information see Advanced Access Gateway Policy.
- Documentation added on administering the support VPN. For more information see Access Gateway Support VPN.
- Documentation added for all currently supported application versions. For more information see Supported technologies.
- Documentation added on supported sample applications. For more information see Access Gateway Supported Applications.
Fixes
- OKTA-252228 - When setting the system time via the management console (Services > NTP > Set system time), the current date and time was not displayed.
- OKTA-252305 - When escaping from either of the NTP entry menus the user was returned to the Services menu rather than the NTP menu.
- OKTA-258911 - When changing session cache, the fixed MB example shows 100MB for the 1000MB example. For more information see the Command Line Console > Services menu.
- OKTA-262774 - When resetting the system using the management console (System> Reset) Okta Access Gateway as incorrectly identified as SPGateway.
- OKTA-269513 - When configuring NIC bonding using the management console (Networking >Setup NIC bonding)
"Error command not found" was displayed and the command failed.
Okta Access Gateway 2019.4.5
| Version: | 2019.4.5 |
| Deployment date: | 12-01-2019 |
| Download: | via Admin Dashboard (Settings > Downloads) . |
Features
- Access Gateway has been hardened around certain vulnerability issues.
- Documentation is enhanced for applications, and capacity planning.
Enhancements
- Documentation added to include how to add Kerberos applications. See Add a Kerberos App.
- Capacity planning guidance has been expanded and improved with respect to disk requirements.
See the Capacity Planning and Sizing section inPrerequisites for deploying Access Gateway for more information. - New documentation has been added on use of the Support VPN. See Access Gateway Support VPN for more information.
Fixes
- OKTA-258541 - Okta Access Gateway upgrades incorrectly prompted for passwords via sudo.
- OKTA-257725 - Okta Access Gateway upgrades failed with EBS SSO Agent errors.
Okta Access Gateway 2019.4.2
| Version: | 2019.4.2 |
| Deployment date: | 10-31-2019 |
| Download: | via Admin Dashboard (Settings > Downloads) |
Features
- Access Gateway has been hardened around certain vulnerability issues.
- Documentation is enhanced for applications, capacity planning and sizing, and ports and protocols. SeePrerequisites for deploying Access Gateway for more information.
Enhancements
- Documentation added to include how to add Oracle EBS applications. See Add an Oracle EBS application for more information.
- Documentation added to include how to add PeopleSoft applications. See Add an Oracle PeopleSoft App for more information.
- Documentation added on application behaviors. See About application behaviors for more information.
- Documentation extended to include all required port and protocol information.
See the Firewall Rules section in Prerequisites for deploying Access Gateway for a complete list of all ports and protocols used by Access Gateway. - Capacity planning guidance has been expanded and improved.
See the Capacity Planning and Sizing section in Prerequisites for deploying Access Gateway for more information. - Access Gateway is now available for download from the Admin Console Settings > Downloads menu. For Access Gateway version history see Okta Access Gateway Version History.
Fixes
- OKTA-245678 - Validation failed when API token is Org + App Admin-scoped.
- OKTA-252302 - Input validation errors caused Access Gateway to unexpectedly delete ciphers.
- OKTA-256348 - AutoSession expired when user session creation exceeded one second.
- OKTA-256778 - NGINX did not restart when updated certificates were in place.
- OKTA-256796 - Hostname updates in the management console displayed an error.
Okta Access Gateway 2019.2.0 EA
| Version: | 2019.2.0 |
| Deployment date: | 10-2-2019 |
| Download: | via internal mechanism |
Features
- Admins can now use the Okta Access Gateway Management Console to upgrade their instance of Access Gateway. For more information see Upgrade Access Gateway nodes Individually.
- Admins can more easily add, update and manage certificates. For more information see Certificate management.
- All Access Gateway product and documentation has been updated and re-branded.
Fixes
- OKTA-249758 - Okta Access Gateway updated to address a reporting error during start up.
- OKTA-249457 - Okta Access Gateway has been updated to correctly reload its configuration on start or restart.
- OKTA-247108 - When configuring static networks DNS server is now set correctly.
- OKTA-244460 - On application logout Access Gateway now correctly destroys session cookies in Internet Explorer 11.
- OKTA-244453- When editing an existing IWA application, Kerberos realm drop down list is populated with realm selected while adding the application.
- OKTA-242871- Rapid SSO w/EBS updated to support Internet Explorer.
- OKTA-251020- Management console now displays memcache statistics.
- OKTA-249510- Command line management console enable/disable debug option now functions as expected.
- OKTA-240656- Duplicate realms no longer displayed when setting Kerberos realm in IIS IWA applications.
- OKTA-240544- Mixed case public domain entries are now correctly treated as all lower case.
- OKTA-251603- Application short name is now visible via tooltip when mouse hovers over the application name in the Admin UI.
- OKTA-243275- Okta Access Gateway UI Administration Console now raises errors when invalid domain names are entered due to illegal characters.
- OKTA-241517- Access Gateway now supports certificate generation in the advanced application settings.
- OKTA-241516- Empty Protected Web Resource field are now handled correctly.
- OKTA-241515- Okta Access Gateway now supports custom delimiters and disabling default csv splitting for attribute import.
-
Okta Access Gateway 2019.1.0 EA
| Version: | 2019.1.0 |
| Deployment date: | 08-01-2019 |
| Download: | via internal mechanism |
Notes
There is no published history for this release.