Okta Java LDAP agent version history

This page displays current and past versions of the Okta Java LDAPLightweight Directory Access Protocol (LDAP) is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services. LDAP runs over TCP/IP or other connection oriented transfer services. AgentA software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta's cloud service. Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations.. This page is updated whenever a new version of the agent is released (Generally AvailableGenerally Available features are available to all orgs automatically according to each customer's SKU. You don’t need to enable them in the console or contact Okta Support. (GA) or Early AccessEarly Access (EA) features are opt-in features that you can try out in your org by asking Okta Support to enable them. Additionally, the Features page in the Okta Admin Console (Settings > Features) allows Super Admins to enable and disable some EA features themselves. (EA)). 

To download the latest agent, from your Administrator Dashboard, select Settings > Downloads and scroll to the agent you want. Click the Download button and run the installer.

Current GA Version


Current EA Version


Version Description Release
5.6.4 This version of the agent contains internal improvements. 2020.04.0

This version of the agent contains:

  • Oracle Directory Server Enterprise Edition (ODSEE) support

This version of the agent contains:

  • internal improvements, including updating the JDK to Amazon Coretto
  • eDirectory support
5.6.1 This version of the agent contains internal improvements. 2019.07.0
5.6.0 This version of the agent contains internal improvements. 2019.06.0

This Early Access release includes incremental import improvements:

  • A new  System Log event fires when the modifyTimestamp attribute in LDAP is null for users or group, which causes incremental import to be converted to a full import. One event per import session will be logged.

  • Bug fixes for incremental import.
5.5.6 This Early Access release introduces signed RPM files, allowing you to verifying the authenticity of the RPM file using the provided Public GPG key. For details, see Verify the Okta LDAP agent download 2019.03.01

This Early Access release contains:

  • Support for a configurable number of agent polling threads

  • Internal fixes
5.5.4 This Early Access release contains internal and bug fixes. 2019.01.2

This Early Access release contains the following fixes:

  • Changes to the debug logging levels were not captured

  • Okta authentication with JIT failed when the user ID contained ASCII extended characters.
  • Agent did not recognize pwd expired error for ODSEE server
5.5.2 This Early Access release implements back-end changes that improve how the agent behaves during disaster recovery. 2018.35
5.5.1 This Early Access release fixes an issue where wrong data format was being sent during password reset when AD LDS was configured to use userPassword instead of unicodePwd for the Password Attribute field. 2018.31

This Early Access release includes the following:

  • bug fix: ASCII extended character was getting converted to normal ASCII character in the user’s DN
  • internal improvements
5.4.6 This Generally Available release provides internal fixes to the installer. 2018.14
5.4.5 This Early Access release includes internal fixes to the installer. 2018.12

This Early Availability version of the agent includes the following:

  • fixed a problem with the Okta connection not being closed in certain error cases fixed a problem with incremental imports which occurred after upgrading to a new agent version

This EA agent contains internal improvements and these bug fixes:

  • OKTA-142217 – After an LDAP provisioning error, the system required a reboot and the LDAP configuration could not be updated.
  • OKTA-147299 – Okta authentication with Just In Time (JIT) failed when the user ID contained some non-ASCII extended characters.
  • OKTA-142973 – Just In Time (JIT) provisioning was automatically enabled after modifying LDAP integrations settings.

The LDAP agent version 5.4.2 is now available. This version provides support for customers using Oracle Internet Directory, fixing bugs, and making optimizations to:

  • Incremental imports
  • Agent installation
  • Updated LDAP Agent default settings. For agent upgrades, your current state of enablement is preserved.

For the version history, see the Okta Java LDAP Agent Version History.


These updates provide support for customers using Oracle Internet Directory, fixing bugs and making optimizations to:

  • Incremental Imports
  • Agent Installation
5.4.0 This new version of the LDAP agent supports incremental imports. This feature improves performance by only importing users that were created, updated, or deleted since your last import. 2017.35
5.3.12 This release provides the same functionality as 5.3.10. Some default settings have been updated. 2017.31

This release provides improvements in handling special characters in the DN during LDAP setting validation.


This release provides various improvements to the agent log, as well as fixes to the following issues:

  • Imports from LDAP failed in some orgs due to way the Okta LDAP agent handled unicode characters.
  • Imports from LDAP failed in some orgs due to randomly dropped connections between the LDAP agent and Okta.

5.3.9 This release improves ability to import large number of users by streaming LDAP objects during import. 2017.11
5.3.8 This release provides internal improvements. 2016.45
5.3.7 This release provides internal logging improvements. 2016.38
5.3.6 This release fixes an error that occurred when creating users in LDAP. 2016.32
5.3.5 This release provides additional diagnostic information for use by Okta engineering. 2016.22
5.3.4 This release adds a diagnostic message for use by Okta engineering. 2016.19
5.3.3 This release fixes an issue in which Office 365 users were deprovisioned following an LDAP import. 2016.12
5.3.2 This release includes an option that lets admins disable SSL certificate pinning, which may be necessary to allow new installations to complete in environments where SSL certificate pinning prevents communication with the Okta server.
For more information, see Installing and Configuring the LDAP Agent.
5.3.1 This release provides support for SSL certificate pinning. For more information, see Installing and Configuring the LDAP Agent. 2016.01
5.3.0 This release provides the following enhancements: 2015.48
5.2.5 This version was released to achieve version consistency. It contains no functional differences from the previous release. 2015.39
5.2.4 This release fixes a potential security vulnerability. For more information, see Installing and Configuring the LDAP Agent. 2015.38
5.2.2 This release fixed an issue that prevented the agent from installing. 2015.37
5.2.1 This release added a diagnostic string that contains agent version and OS information. 2015.33
5.2.0 Introduced the General Availability (GA) release of version 5.2.0. This release incorporated the following major enhancements:
  • Support for AD LDS directories
  • A new Validate Configuration section in the setup page
  • Password reset flows
  • New Windows and Linux installers

In support of this GA release, we also changed the agent versioning scheme. Going forward, Okta began incrementing the version based on the 5.x.x convention instead of the former 1.x.x convention.

1.2.9 This update improved the diagnostic messages that are sent to the Okta service. 2015.29
1.2.8 This update fixed an issue that prevented users who needed to change their LDAP password from logging in to their Okta orgThe Okta container that represents a real-world organization. for the first time via JIT. This update also includes JRE version 1.8.0. 2015.27
1.2.7 This update fixed an issue that prevented the agent from running on Linux RHEL 6.3. Additionally, we fixed an issue for ADLDS directories where the agent prevented users from changing their passwords. 2015.24
1.2.6 This update added support for using the objectGUID attribute as a unique identifier. 2015.20
1.2.5 This update provided improved registration error messages. 2015.18
1.2.4 This update fixed some issues in which an agent upgrade required admins to uninstall the existing agent manually before installing the new agent. Additionally, we fixed an issue that prevented the installation from completing on Debian systems. 2015.16 Internal Update 6/17/14 Introduces the Java LDAP Agent rpm installer. 12/10/13

Note: After October 13, 2014, releases are named by release number; prior to that, they are named by release date. Release numbers indicate the year and week in which the release became available. Occasionally, there are gaps in the numbers.