Use this page to learn about general changes to the AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. Console, feature updates and deprecations, end of support for certain components, improvements to certain areas of the Okta platform, as well as other items that may not be tied to a particular Okta release.
|Production||2020.01.1||2020.01.2 Production release is scheduled to begin deployment on Feb 3|
2020.01.2 Preview release is scheduled to begin deployment on Jan 29
Starting November 5, 2019, some end-users on Android devices running Okta Mobile 4.3.1 or below encountered the following notification when opening the application:
“Detected possible malicious activity when establishing a secure connection to Okta.”
Okta identified a root cause and has released a fix. For full details, see the incident page for this event. Admins should notify all affected Okta Mobile for Android users and urge them to update to Okta Mobile 4.3.2 for Android as soon as possible. End usersEnd users are people in your org without administrative control. They can authenticate into apps from the icons on their My Applications home page, but they are provisioned, deprovisioned, assigned, and managed by admins. should also enable auto-update in the Google Play Store.
Please see the Support Notification.
Apple has changed the way that Safari reports the device user agentA software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta's cloud service. Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations. on iPads running on iPadOS. Due to this change, Okta cannot differentiate between appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. requests coming from macOS devices and app requests coming from Safari on iPadOS devices. To mitigate the effects of this change, Okta urges admins to take the following actions:
- To prevent iPadOS devices from bypassing iOS app sign-on policies configured in Okta (if any), configure a Deny/Catch-All app sign-on policy rule that applies to macOS and iPadOS devices. Place this rule last among the rules you create, just above the Default rule (Applications > Applications > app > Sign On tab).
- To prevent iPadOS device users from being affected by macOS policies app sign-on policies configured in Okta (if any), advise users to perform one of the following options:
- Option 1. All websites accessed from Safari (iPadOS 13 and higher) – In iPad settings, go to Safari settings > Request Desktop Website and then turn off the All Websites setting.
- Option 2. Per-website basis – Open Safari, tap Aa on the left side of the search field, and then tap Request Mobile Website.
- Option 3. Access the target app through its Native App version or through Okta Mobile instead of through Safari.
Okta Mobile Connect will not function on iPhones and iPads that upgrade to iOS 13 and iPad OS 13, respectively, because version 13 introduces changes that affect the way an Apple API handles external requests to open Okta Mobile. See Okta Mobile Connect.
On January 1, 2020, Okta ended support for all Okta products on Android operating systems versions below 6.0. Accordingly, Okta recommends that you direct your end users to update their Android devices to a supported version (6.0 or higher).
For more about Okta-supported mobile operating systems, see Okta Browser and OS Support Policy.
The System Log API is now Generally AvailableGenerally Available features are available to all orgs automatically according to each customer's SKU. You don’t need to enable them in the console or contact Okta Support.. Developers of new projects are strongly recommended to use this in lieu of the Events API.