Early Access

User accounts report

Use this report to view users with accounts in Okta and their profile information. It helps you manage and track user access to resources, meet audit and compliance requirements, and monitor the security of your org. The report is located in the Entitlements and Access section of the Reports page. See User Accounts report.

Okta AD Agent automatic update support

Admins can now initiate or schedule automatic updates to Okta AD agents from the Admin Console. With agent auto-update functionality, admins no longer need to manually uninstall and then reinstall Okta AD agents when a new agent version is released. Agent auto-updates keep your agents up to date and compliant with the Okta support policy, and help ensure your org has the latest Okta features and functionality. Single or multiple agents can be updated on demand, or updates can be scheduled to occur outside of business hours to reduce downtime and disruption to users. See Automatically update Okta agents.

OAuth redirect URI wildcards

Admins can now use a wildcard for multiple redirect URI subdomains when configuring OIDC applications. See AIWを使用してOIDCアプリ統合を作成する.

Okta Admin Console Groups page enhancements

EA 2021.05.0 GROUP_MEMBERSHIP_UI

The Okta Admin Console Groups page has been updated to simplify the addition of large numbers of users to groups and reduce the likelihood that all users can be accidentally removed from a group. In addition, search functionality has been significantly improved to make adding and removing users from groups quicker and easier. See グループを管理する.

Customize Okta domains

The ability to customize your Okta domain has now been rolled out to all orgs. With this feature, you can customize your Okta organization by replacing the Okta domain name with your own domain name. This allows you to create a seamless branded experience for your users so that all URLs look like your application. See Custom Domain API.

Custom help links on the Sign-In Widget

Admins can now customize the help links on the MFA verification page of the Sign-In Widget. This allows admins to link their end users to a custom app or page for factor resets. See サインイン・ページのテキストをカスタマイズする.

Event Hook preview

Event Hook preview lets admins easily test and troubleshoot their Event Hooks, as well as send sample requests without manually triggering an actual event. This means admins can preview the payload of a specific Event Hook type and make sure that it's what they need to move forward before a full deployment to production. See イベント・フックのプレビュー.

Enhanced Admin Console search

Admins can now search for end user email addresses in the Spotlight Search field in the Admin Console. You can also view the user's status in the search results when you search by username and email address. This robust global search helps you find what you need in the Admin Console quickly, thereby, saving time and increasing productivity. See 管理コンソールの検索.

RADIUS Agent, version 2.15.0

This version includes all changes released since the EA version 2.7.4. When configuring RADIUS apps, admins seek ways to constantly enhance network security and expand the server OS coverage. To meet these goals, the RADIUS agent version 2.15.10 now supports:

New network access authentication protocols:

• PEAP-EAP-GTC

• EAP-TTLS

New Linux operating systems:

• Red Hat Enterprise Linux release 8.0

• CentOS 7.6

• Ubuntu 18.04.4

With the latest updates, admins gain more flexibility in deployment use cases. For example, the Okta RADIUS agent now interoperates with Netmotion Mobility using EAP-GTC.

RADIUS agent version 2.15.10 also includes support for TLS 1.2, which is required for all connections to Okta, and a simplified installer, which supports proxies and no longer requires shared secrets and ports. The new agent provides admins with an easier installation, configuration, and run-time experience. See Okta RADIUS Serverエージェントのバージョン履歴.

Workplace by Facebook Push AD Manager functionality

Admins can choose to disable Push AD Manager functionality using this self-service Early Access feature. This enables admins to control the manager attribute using Okta Expression Language syntax to avoid being dependent on AD for the field. See Workplace by Facebook.

LDAP agent, new version 5.7.1

This version of the agent contains:

• Internal improvements

• Security fixes

To view the agent version history, see Okta LDAP Agentのバージョン履歴.

Okta Provisioning agent, version 2.0.2

This release of the Okta Provisioning agent includes vulnerability and security fixes. See Okta Provisioning AgentとSDKのバージョン履歴.

Skip to Content improvements

End users can now click Skip to Content on the new Okta End-User Dashboard to navigate directly to the Add Apps page.

Options relocation

The Recent Activity tab, End-User preferences, Admin View, and Sign Out options are now displayed in the user drop down menu on the Okta End-User Dashboard.

One Time Use Refresh Token

One Time Use Refresh Token, also called Refresh Token Rotation, helps a public client to securely rotate refresh tokens after each use. A new refresh token is returned each time the client makes a request to exchange a refresh token for a new access token. See Refresh Token Rotation.

Okta SSO IWA Web App agent, version 1.13.1

This release of the Okta SSO IWA Web App agent includes security enhancements and internal fixes. See Okta SSO IWA Webアプリのバージョン履歴.

New Recent Activity page on the new Okta end-user dashboard

The Recent Activity page provides end users with a summary of recent sign-in and security events for their Okta account. End users can also report suspicious activity to their Okta admin by clicking I don’t recognize this. See 最近のアクティビティー.

LDAP agent, version 5.7.0

This version of the agent contains:

• Support for LDAP group password policies
• Bug fixes

See Okta LDAP Agentのバージョン履歴.

MFA for Windows Credential Provider, version 1.3.0

MFA for Windows Credential Provider version 1.3.0 is now available, adding support for Windows Server 2019. See Okta MFA Credential Provider for Windowsのバージョン履歴 .

New RADIUS agent, version 2.13

This version includes security enhancements, a buffer overrun fix, and a dialog title change to the RADIUS Agent installer. See Okta RADIUS Serverエージェントのバージョン履歴.

Litmos supports Advanced Custom Attributes

The Litmos provisioning app now supports Advanced Custom Attributes. See Litmos Provisioning Guide.

Smart Card Authentication

When initially accessing applications using a custom sign-in widget, users have the option to use a PIV/CAC card for authentication. See IDプロバイダー.s

Okta RADIUS Server agent, version 2.11.0

This version includes support for EAP-TTLS. See Okta RADIUS Serverエージェントのバージョン履歴.

Okta RADIUS Server agent, version 2.10.1

This version includes support for Linux, including .rpm and .deb installers. See Okta RADIUS Serverエージェントのバージョン履歴.

LDAP agent, version 5.6.4

This version of the agent contains internal improvements. See Okta LDAP Agentのバージョン履歴.

Okta ADFS Plugin version 1.7.5

This version includes:

• A fix that removed an extra scroll bar when integrated on an ADFS page with two or more factors.
• Security enhancements and bug fixes

See Okta ADFSプラグインのバージョン履歴

Okta RADIUS Server Agent for Windows, version 2.9.6

This version includes:

• An update that no longer requires entering a port or shared secret in the installer.
• Various bug fixes

See Okta RADIUS Serverエージェントのバージョン履歴

Okta Windows Credential Provider, version 1.2.4

This version includes security enhancements. See Okta MFA Credential Provider for Windowsのバージョン履歴

LDAP agent, version 5.6.3

Support for Oracle Directory Server Enterprise Edition (ODSEE). See Okta LDAP Agentのバージョン履歴

Okta RADIUS Service Agent Update, version 2.9.5

The Okta RADIUS Server Agent version 2.9.5 is updated to run under the LocalService account, which has lower privileges than LocalSystem. The service has also been configured with a write-restricted token to further restrict access.

For more information, see Okta RADIUS Serverエージェントのバージョン履歴.

Okta MFA Credential Provider for Windows, version 1.2.2

The Okta MFA Credential Provider version 1.2.2 includes bug fixes and adds self-service password reset.

For more information, see Okta MFA Credential Provider for Windowsのバージョン履歴 .

Admin settings for selecting identity providers

Admins now have the option to configure a sign-on policy based on a specific identity provider.

For more information, see Adding Rules in © Copyright 2022 Okta, Inc All Rights Reserved. それぞれの商標は、それぞれの商標所有者に帰属します。 .

Quick Access tab on the Okta Browser Plugin available through EA feature manager

Quick Access tab on the Okta Browser Plugin is now available through the EA feature manager. See .

MFA for Oracle Access Manager

With Okta MFA for Oracle Access Manager (OAM), customers can use OAM as their Identity Provider (IdP) to applications and also use Okta for MFA to provide a strong method of authentication for applications. For more information, see Oracle Access Manager用のMFA.

New Windows Device Registration Task, version 1.4.0

This release includes the following:

• Support for Trusted Platform Module (TPM 1.2 or 2.0) on Windows 10 devices with TPM. Admin action is required. For installation instructions and other details, see Trusted Platform Module（TPM）によるWindows Device Trustのセキュリティー強化.
• Various fixes. See Device Trust for Windows DesktopのRegistration Taskのバージョン履歴.

Okta On-Prem MFA agent, version 1.4.1

This release of the agent contains security enhancements. See Okta On-Prem MFAエージェントのバージョン履歴.

Factor Sequencing

Admins can now provide end users with the option to sign in to their org using various MFA factors as the primary method of authentication in place of using a standard password. See 多要素認証の要素シーケンス .

Custom Factor Authentication

Custom Factor Authentication allows admins to enable an Identity Provider factor using SAML authentication. For more information, see カスタムIdP.

Integrate Okta Device Trust with VMware Workspace ONE for iOS and Android devices

The Okta + VMware integration is a SAML-based solution that combines the power of Okta Contextual Access Management with device signals from VMware Workspace ONE to deliver a secure and seamless end-user experience. For details, see Okta Device TrustをiOSおよびAndroidデバイス用のVMware Workspace ONEと統合する.

On Premises Provisioning agent, version 1.3.3

This release changes from Oracle JRE to Amazon Corretto JRE 8.202.08.2. The OPP Agent now supports CSV Directory imports from a CSV file with a byte order mark. Additionally, imports will now fail if the OPP Agent attempts to send a message that is too large for Okta. For agent version history, see Okta Provisioning AgentとSDKのバージョン履歴.

LDAP agent, version 5.6.1

This version of the agent contains internal improvements. For version history, see Okta LDAP Agentのバージョン履歴.

Enforce Okta Device Trust for Native Apps and Browsers on MDM-managed Android devices

Okta Device Trust for Native Apps and Browsers on MDM-managed Android devices allows you to prevent unmanaged Android devices from accessing enterprise services through browsers and native applications.

Note: This feature requires Okta Mobile 3.14.1 for Android (or later). For details, see MDMの管理対象Androidデバイスへのネイティブ・アプリとブラウザーに対応したOkta Device Trustの適用.

Okta SSO IWA Web App agent, version 1.13.0

This release of the Okta SSO IWA Web App agent includes bug fixes. For version history, see Okta SSO IWA Webアプリのバージョン履歴.

Agentless Desktop SSO, feature dependency

If you are using Agentless Desktop Single Sign On, there is now a dependency on Identity Provider Routing Rules. If you do not have Identity Provider Routing Rules enabled, contact Support. For feature details, see エージェントレス・デスクトップ・シングル・サインオンを構成する and IDプロバイダーのルーティング・ルール.

New System Log events for Inline Hooks

• Log all Inline Hook response events: All inline hook success and failure events are now logged. Logged events provide context around how the response was used.
• Inline Hook Type events also log the type of Inline Hook.

For more feature information, see インライン・フック.

New System Log event for ThreatInsight

When ThreatInsight configuration is updated, the System Log now displays a new event to reflect these configuration changes. For more information about this feature, see Okta ThreatInsight.

Sign-In Widget labeling

The Sign-In Widget has been updated to use labels for form fields instead of placeholder text.

Note: This update applies to the default login page. If you are using a custom login page you need to manually upgrade to the 3.0 version of the Widget to get this update.

For more feature information, see Oktaでホストされるカスタムのサインイン・ページを構成する.

Before:

After:

Allow end users to quickly access recently used apps

End users can find recently used apps in a separate Recently Used section on their dashboard as well as in the Recently Used option from the Okta Browser Plugin. For more information, see Find recently used apps.

LDAP agent, version 5.6.0

This version of the agent contains internal improvements. For version history, see Okta LDAP Agentのバージョン履歴.

System Log event for Agentless Desktop SSO configuration updates

When changes are made to the Agentless DSSO configuration, the System Log tracks the action as shown below. For more information on Agentless Desktop SSO, see Configure Agentless Desktop SSO.

System Log event for Kerberos realm settings

When changes are made to the Kerberos realm settings, the System Log tracks the action as shown below. This event also indicates the initiator of the event and the current setting for Kerberos Realm. For more information on Agentless Desktop SSO, see エージェントレス・デスクトップ・シングル・サインオンを構成する.

System Log event for Agentless Desktop SSO redirects

When Agentless Desktop SSO redirects to the IWA SSO agent or the default Sign In page, the System Log tracks the action as shown below. For more information on Agentless Desktop SSO, see エージェントレス・デスクトップ・シングル・サインオンを構成する.

Updated labels in Device Trust enablement flow for Integration types

Some labels in the Admin Console for Device Trust enablement are updated to align with changes in partner branding. Existing functionality is unaffected by this update. For details, see .

Web Authentication security key enrollment

Admins may now enroll a WebAuthn security key on behalf of their end users through user profile settings. For more information about MFA and WebAuthn, see © Copyright 2022 Okta, Inc All Rights Reserved. それぞれの商標は、それぞれの商標所有者に帰属します。 .

Automation Policies enhancement

Run Once Automation policies can be optionally run without any conditions. For more information about Automations, see 自動化

Okta LDAP agent, version 5.5.5

This release contains:

• Support for a configurable number of agent polling threads  
• Internal fixes

For details, see Okta LDAP Agentのバージョン履歴 and Okta LDAPエージェントのスレッド数を変更する.

Review prompt on Okta Mobile for iOS

End-users using Okta Mobile on iOS are prompted to provide an App Store rating for the app. When they provide a rating in the app and click Submit, they are taken to the App Store page for the Okta Mobile app to provide more optional feedback about the app. They can click Not now to dismiss the option. For more information, see Okta Mobileについて.

Okta On-Prem MFA Agent, version 1.4.0

This release replaces the JRE with the Amazon Corretto 8.0 version of OpenJDK JRE. For the agent version history, see Okta On-Prem MFAエージェントのバージョン履歴.

OIN Manager supports multiple application submissions

When submitting a new application integration for review by Okta, the OIN Manager now supports multiple concurrent application submissions (for new orgs only).

Custom domain HTTP to HTTPS redirect

Custom domain can redirect from HTTP to HTTPS. For more information about custom domains, see Configure a custom URL domain.

Okta Active Directory agent, version 3.5.6

This release includes the following changes:

• Back-end changes to improve how the agent refreshes its DNS entries and connects to servers during disaster recovery.

• The MaxRetryLimitSleep parameter default is now 8 minutes.
• A bug fix resolving group membership issues when a user is created by JIT.

For more information, see Okta Active Directoryエージェントのバージョン履歴.

Okta LDAP agent, version 5.5.4

This release contains internal changes and bug fixes. For more information, see Okta LDAP Agentのバージョン履歴.

MFA for ePCS

Okta provides multifactor authentication for the Electronic Prescribing for Controlled Substances (ePCS) system with its integration to Epic Hyperspace, which is the front-end software that launches ePCS. For more information, see 規制薬物の電子処方箋（ePCS）用のMFA

Inline MFA Enrollment for RADIUS Apps

Admins can now either allow or prohibit end users to access resources protected by RADIUS to enroll in MFA while authenticating. For more information, see OktaのRADIUSアプリケーション.

Multi-forest support for Windows Device Trust enrollment

IWA web app version 1.12.2 supports cross-forest/cross-domain Windows device trust enrollment. Now an IWA web app running in one forest can detect and assess the trust posture of Windows desktop devices located in another trusted forest and then allow these devices to enroll in Windows Device Trust. For more about Windows Device Trust, see Enforce Okta Device Trust for managed Windows computers.

Okta collecting product feedback from end users

Admins can allow Okta to collect feedback from end users. If this feature is turned on, end users will see a prompt on their Okta dashboard requesting feedback about our products and services. You can opt out of Okta User Communication in Settings > Customization > General. For more information, see End User Communication.

Web Authentication for U2F as a Factor

Admins can enable the factor Web Authentication for U2F, where U2F keys are authenticated using the WebAuthn standard. For more information, see Web Authentication for U2F.

Okta SSO IWA Web App Agent, version 1.12.2

This EA release includes: Security fixes. Support for cross-forest/cross-domain Windows device trust enrollment. Now an IWA web app running in one forest can detect and assess the trust posture of Windows desktop devices located in another trusted forest and then allow these devices to enroll in Windows Device Trust. For details, see Okta SSO IWA Webアプリのバージョン履歴.

Okta Active Directory agent, version 3.5.5

This release includes:

• A bug fix for errors when importing a group with more than 1,500 users.
• Internal bug fixes

For version history details, see Okta Active Directoryエージェントのバージョン履歴.

View admin list by role

Super admins can now filter the list of admins by role and type for easier searching.

FIPS-mode encryption enhancement

We have updated the Okta Verify configuration UI label for the FIPS-Mode encryption setting. For more information, see Enabling FIPS-mode encryption.