Okta Access Gateway release notes

Okta Access Gateway Version History

Release: 2024.6.1

Deployment date: June 13, 2024

Download: Okta Admin Console (SettingsDownloads)

Release summary

Access Gateway version 2024.6.1 is now Generally Available. This release includes new features, bug fixes, security enhancements, and updated documentation.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.
  2. Sign in to the Access Gateway Management console.
  3. Select 5 - System, and then select 2 - Install Package.
  4. This step is only required if you’re running Access Gateway version 2023.7.2 or earlier. If your Access Gateway version is 2023.8.1 or later, skip to step 6.
    1. Select 2 - Install Package.
    2. When the installer prompts you for a package name, enter okta-mgmt-user-2023.9.1-64a0a16e6 and press Enter.
  5. When the upgrade is complete, close the Management console.
  6. Open the Management console and sign in again.
  7. Select 5 - System, and then select 4 - Update. Follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of the System menu for instructions.

Features and enhancements

Configure the maximum memory size for the Access Gateway Admin service

You can now configure and validate the maximum memory size for the Admin service for Access Gateway. The default memory has been increased to 512 megabytes. This enables admins to verify that there's enough memory available for the Admin service to run correctly.

Fixes

  • OKTA-716593: Access Gateway didn't resolve proxy URLs correctly.

Release: 2024.5.1

Deployment date: May 13, 2024

Download: Okta Admin Console (SettingsDownloads)

Release summary

Access Gateway version 2024.5.1 is now Generally Available. This release includes bug fixes.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.
  2. Sign in to the Access GatewayManagement console.
  3. Select 5 - System, and then select 2 - Install Package.
  4. This step is only required if you’re running Access Gateway version 2023.7.2 or earlier. If your Access Gateway version is 2023.8.1 or later, skip to step 6.
    1. Select 2 - Install Package.
    2. When the installer prompts you for a package name, enter okta-mgmt-user-2023.9.1-64a0a16e6 and press Enter.
  5. When the upgrade is complete, close the Management console.
  6. Open the Management console and sign in again.
  7. Select 5 - System, and then select 4 - Update. Follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Important updates

Support Connection deprecated

The Support Connection feature has been deprecated. Admins can use screen sharing tools and the new Privileged Shell feature when troubleshooting with Okta Support staff. This enhances security by preventing Okta Support from working directly in customer environments. See Launch Shell.

Fixes

  • OKTA-727623: The Access Gateway Management Console wasn't accessible after upgrading to version 2024.5.0.

Release: 2024.5.0

Deployment date: May 8, 2024

Download: Okta Admin Console (SettingsDownloads)

Release summary

Access Gateway version 2024.5.0 is now Generally Available. This release includes new features, bug fixes, security enhancements, and updated documentation.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.
  2. Sign in to the Access GatewayManagement console.
  3. Select 5 - System, and then select 2 - Install Package.
  4. When the installer prompts you for a package name, enter okta-user-2024.5.0-0267ea676 and press Enter.
  5. This step is only required if you’re running Access Gateway version 2023.7.2 or earlier. If your Access Gateway version is 2023.8.1 or later, skip to step 6.
    1. Select 2 - Install Package.
    2. When the installer prompts you for a package name, enter okta-mgmt-user-2023.9.1-64a0a16e6 and press Enter.
  6. When the upgrade is complete, close the Management console.
  7. Open the Management console and sign in again.
  8. Select 5 - System, and then select 4 - Update. Follow the prompts to update the remaining Access Gateway packages.
  9. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Important updates

Support Connection deprecated

The Support Connection feature has been deprecated. Admins can use screen sharing tools and the new Privileged Shell feature when troubleshooting with Okta Support staff. This enhances security by preventing Okta Support from working directly in customer environments. See Launch Shell.

Features and enhancements

Okta Access Gateway Privileged Shell

The new Privileged Shell lets admins run Linux commands from the Access Gateway Management Console for diagnostic, troubleshooting, and other purposes. Privileged Shell replaces the Support Connection feature, which has been deprecated. Admins can use screen sharing tools when troubleshooting with Okta Support staff. This enhances security by preventing Okta Support from working directly in customer environments. See Launch Shell.

Fixes

  • OKTA-538865: The X - Exit menu sometimes displayed incorrect text.
  • OKTA-664815: The timeout log wasn't generated.
  • OKTA-702299: Content Rewrite recorded incorrect host header values in app configurations.
  • OKTA-702508: The Sync feature recorded error entries in the System Log instead of reporting failure.
  • OKTA-704926: The HTTP 400 Bad Request error message sometimes appeared when Configure OpenTelemetry and REST APIs for monitoring configurations were enabled.
  • OKTA-706026: The backup script caused renomination failures.
  • OKTA-714145: When admins placed an app in maintenance mode, users were redirected to the authentication page instead of the app maintenance page.
  • OKTA-715003: Okta Expression Language sometimes appeared on header app template pages.

Release: 2024.4.0

Deployment date: April 2, 2024

Download: Okta Admin Console (SettingsDownloads)

Release summary

Access Gateway version 2024.4.0 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.

  2. Sign in to the Access GatewayManagement console. If your Access Gateway version is 2023.8.1 or later, skip to step 7.
  3. Select 5 - System, and then select 2 - Install Package.
  4. This step is only required if you’re running Access Gateway version 2023.7.2 or earlier. When the installer prompts you for a package name, enter okta-mgmt-user-2023.9.1-64a0a16e6 and press Enter.
  5. When the upgrade is complete, close the Management console.
  6. Open the Management console and sign in again.
  7. Select 5 - System, and then select 4 - Update. Follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Fixes

  • OKTA-699741: Some users were directed to the wrong app when they tried to sign in to Access Gateway using Customer Identity Cloud.

Release: 2024.3.0

Deployment date: March 14, 2024

Download: Okta Admin Console (SettingsDownloads)

Release summary

Access Gateway version 2024.3.0 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.

  2. Sign in to the Access GatewayManagement console. If your Access Gateway version is 2023.8.1 or later, skip to step 7.
  3. Select 5 - System, and then select 2 - Install Package.
  4. This step is only required if you’re running Access Gateway version 2023.7.2 or earlier. When the installer prompts you for a package name, enter okta-mgmt-user-2023.9.1-64a0a16e6 and press Enter.
  5. When the upgrade is complete, close the Management console.
  6. Open the Management console and sign in to it again.
  7. Select 5 - System, and then select 4 - Update. Follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Fixes

  • OKTA-666537: Access Gateway timed out when admins tried to edit an app.
  • OKTA-670051: Commas in array attributes were replaced by delimiter characters in arrays with a length of 1.
  • OKTA-693084: Access Gateway didn't respond with the HSTS header to initial post requests.
  • OKTA-693765: Custom admins with the "Manage app settings" permission could trigger privilege escalation.
  • OKTA-700278: SSH Terrapin prefixes were truncated.

Release: 2024.2.1

Deployment date: February 21, 2024

Download: Okta Admin Console (SettingsDownloads)

Release summary

Access Gateway version 2024.2.1 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.

  2. Sign in to the Access GatewayManagement console. If your Access Gateway version is 2023.8.1 or later, skip to step 7.
  3. Select 5 - System, and then select 2 - Install Package.
  4. This step is only required if you’re running Access Gateway version 2023.7.2 or earlier. When the installer prompts you for a package name, enter okta-mgmt-user-2023.9.1-64a0a16e6 and press Enter.
  5. When the upgrade is complete, close the Management console.
  6. Open the Management console and sign in to it again.
  7. Select 5 - System, and then select 4 - Update. Follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Known issues

The upgrade process to Access Gateway version 2024.2.1 didn't create the SNMP configuration files.

If you're running SNMP v2c on an existing Access Gateway installation, you must disable and then enable the SNMP service. Then select SNMP version v2c on each Access Gateway instance in your environment if you install Access Gateway version 2024.2.1 or later.

  1. Sign in to the Access Gateway Management console.
  2. Select 2 - Services.
  3. Select 6 - SNMP.
  4. Select 1 - Disable SNMP.
  5. Select x to return to the 6 - SNMP menu.
  6. Select 1 - Enable SNMP.
  7. Select x to return to the 6 - SNMP menu.
  8. Select 6 - Configure SNMP.
  9. Select 1 - Enable SNMP v2c.

Validation check

Poll the OAG server using this command. Run it from another server. If SNMP traps are sent from the Access Gateway server, SNMP is working.

snmpwalk -O n -v2c -c <AccessGatewayCommunityString> <OAG SERVER IP ADDRESS>:161 .1

Features and enhancements

SNMP disabled by default on new installations

New installations of OAG now have SNMP disabled by default. SNMP on existing OAG instances aren't affected.

The management console adds an SNMP control option that allows admins to do the following:

  • Start, stop, or restart the SNMP service
  • Enable or disable the SNMP service
  • Enable or disable SNMP v2c

When an admin enables the SNMP service on new installations, SNMP v3 is used by default. SNMP v3 allows the admin to add users and set the credentials.

Admins can also choose to use SNMP v2c, which provides an option to change the community string.

See Administer SNMP monitoring.

Fixes

  • OKTA-655833: The amount of disk space displayed was greater than what was actually available.
  • OKTA-664047: The Okay button wasn't disabled in the OAG UI when the policy type changed.
  • OKTA-666911: Okta ran an excessive number of health check queries.
  • OKTA-681988: When REST API monitoring was enabled, an unnecessary message was displayed.
  • OKTA-686947: The Access Gateway Admin UI failed to load when admins upgraded to Access Gateway 2023.12.0 or 2024.01.1.

Release: 2024.1.1

Deployment date: January 11, 2024

Download: Okta Admin Console (SettingsDownloads)

Release summary

Access Gateway version 2024.1.1 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.

  2. Sign in to the Access GatewayManagement console. If your Access Gateway version is 2023.8.1 or higher, skip to step 7.
  3. Select 5 - System, and then select 2 - Install Package.
  4. This step is only required if you’re running Access Gateway version 2023.7.2 or earlier. When the installer prompts you for a package name, enter okta-mgmt-user-2023.9.1-64a0a16e6 and press Enter.
  5. When the upgrade is complete, close the Management console.
  6. Open the Management console and sign in to it again.
  7. Select 5 - System, and then select 4 - Update. Follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Fixes

  • OKTA-675731: The Admin Service on Admin nodes failed after upgrading to Access Gateway version 2023.12.0.
  • OKTA-679895: Access Gateway couldn't connect to its databases.

Release: 2023.12.0

Deployment date: December 12, 2023

Download: Okta Admin Console (SettingsDownloads)

Release summary

Access Gateway version 2023.12.0 is now Generally Available. This release includes new features, bug fixes, security enhancements, and updated documentation.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.

  2. Sign in to the Access GatewayManagement console. If your Access Gateway version is 2023.8.1 or higher, skip to step 7.
  3. Select 5 - System, and then select 2 - Install Package.
  4. This step is only required if you’re running Access Gateway version 2023.7.2 or earlier. When the installer prompts you for a package name, enter okta-mgmt-user-2023.9.1-64a0a16e6 and press Enter.
  5. When the upgrade has completed, close the Management console.
  6. Open the Management console and sign in to it again.
  7. Select 5 - System, and then select 4 - Update. Follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Features and enhancements

Access Gateway backup enhancement

Access Gateway admin node backups are now stored on all worker nodes. If an admin node is lost, the backup files are still accessible. See Backup and restore.

Fixes

  • OKTA-649741: The load balancer health check stayed in the initialization state longer than expected, or failed, and users couldn't access apps during this time.
  • OKTA-662016: The Public Domain field on the application Settings page didn't accept IP addresses.
  • OKTA-663730: Rebooting Access Gateway instances re-enabled the Okta Support connection even though it was disabled.
  • OKTA-666375: Identity Provider settings weren't displayed correctly in the Access Gateway Management Console when admins selected Customer Identity Cloud as the Identity Provider.
  • OKTA-647081: Outdated H2 Database Engine libraries were used in Access Gateway.

Release: 2023.11.0

Deployment date: November 14, 2023

Download: Okta Admin Console (SettingsDownloads)

Release summary

Access Gateway version 2023.11.0 is now Generally Available. This release includes new features, bug fixes, security enhancements, and updated documentation.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.

  2. Sign in to the Access GatewayManagement console. If your Access Gateway version is 2023.8.1 or higher, skip to step 7.
  3. Select 5 - System2 - Install Package.
  4. This step is only required if you’re running Access Gateway version 2023.7.2 or earlier. When the installer prompts you for a package name, enter okta-mgmt-user-2023.9.1-64a0a16e6 and press Enter.
  5. When the upgrade has completed, close the Management console.
  6. Open the Management console and sign in to it again.
  7. Select 5 - System4 - Update and follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Features and enhancements

New Identity Provider generally available for Access Gateway

Access Gateway admins may now use Okta Customer Identity Cloud as an Identity Provider. See Configure an Identity Provider in Access Gateway.

Custom domains for Customer Identity Cloud allowed as IdP in Access Gateway

Admins can now provide a custom domain for Customer Identity Cloud and use it as the Identity Provider for Access Gateway. See Configure an Identity Provider in Access Gateway.

Fixes

  • OKTA-557981: Some Access Gateway Management console sessions weren't terminated after periods of inactivity.
  • OKTA-617499: Some log events weren't included in the downloadable log files.
  • OKTA-641512: Some symlinks weren't deleted after the associated certificate was deleted.
  • OKTA-660573: The certificate list wasn't visible in the Access Gateway Admin UI console after uploading a certificate.
  • OKTA-653576: Top-level domains longer than six characters weren't accepted.

Release: 2023.9.1

Deployment date: September 21, 2023

Download: Okta Admin Console (SettingsDownloads)

Release summary

Okta Access Gateway version 2023.9.1 is now Generally Available. This release includes security enhancements and updated documentation.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.

  2. Sign in to the Access GatewayManagement console.
  3. Select 5 - System2 - Install Package.
  4. When the installer prompts you for a package name, enter okta-mgmt-user-2023.9.1-64a0a16e6 and press Enter.
  5. When the upgrade has completed, close the Management console.
  6. Open the Management console and sign in to it again.
  7. Select 5 - System4 - Update and follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Features and enhancements

New Identity Provider available for Okta Access Gateway

Okta Access Gateway admins may now use Okta Customer Identity Cloud as an Identity Provider. See Configure an Identity Provider in Access Gateway.


Release: 2023.8.1

Deployment date: August 16, 2023

Download: Okta Admin Console (SettingsDownloads)

Release summary

Okta Access Gateway version 2023.8.1 is now Generally Available. This release includes new features, bug fixes, security enhancements, and updated documentation.

Install this version

  1. Take a snapshot of the appliance or make a backup before you start the upgrade process. See your virtualization platform's documentation for instructions on taking snapshots. See Backup and restore for instructions on making Access Gateway backups and restoring them.

  2. Sign in to the Access GatewayManagement console.
  3. Select 5 - System2 - Install Package.
  4. When the installer prompts you for a package name, enter okta-mgmt-user-2023.8.1-e6718c10c and press Enter.
  5. When the upgrade has completed, close the Management console.
  6. Open the Management console and sign into it again.
  7. Select 5 - System4 - Update and follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Features and enhancements

Universal Logout is now available in Okta Access Gateway

Universal Logout provides Okta Access Gateway with the ability to terminate all Access Gateway app sessions, if enabled for a protected app, when the user signs out of the app. See Access Gateway and sessions.

Fixes

  • OKTA-625134: Simple Network Management Protocol (SNMP) connections with other protocols returned error messages.
  • OKTA-629563: Secure File Transfer Protocol (SFTP) sessions failed for Okta Support connections to hosts running Access Gateway version 2023.7.2.
  • OKTA-622517: Universal Logout didn't terminate app sessions when load balancing was enabled.

Release: 2023.7.2

Deployment date: July 18, 2023

Download: Okta Admin Console (SettingsDownloads)

Release summary

Okta Access Gateway version 2023.7.2 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Install this version

  1. Sign in to the Access GatewayManagement console.
  2. Select 5 - System2 - Install Package.
  3. When the installer prompts you for a package name, enter okta-mgmt-user-2023.7.2-6921e07d6 and press Enter.
  4. When the upgrade has completed, close the Management console.
  5. Open the Management console and sign into it again.
  6. Select 5 - System4 - Update and follow the prompts to update the remaining Access Gateway packages.
  7. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Fixes

  • OKTA-529113: Headers with a 0 (zero) value weren't displayed in the Admin UI.
  • OKTA-581200: Apps protected by Access Gateway displayed long error messages.
  • OKTA-592501: Some custom login URL paths weren't validated correctly, which caused an Access Gateway outage.
  • OKTA-603082: Some users were directed to the wrong app when attempting to access a resource.
  • OKTA-609598: Access Gateway replaced the user-configured cURL path with a forward slash.
  • OKTA-602176: Account attributes weren't displayed on the Authentication module Edit page.
  • OKTA-604745: Access Gateway upgrades to version 2022.11.0 and earlier failed on Microsoft Azure virtual machines.
  • OKTA-604988: When admins edited the settings for an Access Gateway-protected app, the iFrame trusted origin scope in the Okta Identity Provider settings were overridden.
  • OKTA-606555: Access Gateway didn't put applications in offline mode.
  • OKTA-616238: Access Gateway version 2022.10.0 didn't display the list of available versions.
  • OKTA-616964: Admins couldn't install system upgrades for some Access Gateway versions.
  • OKTA-625867: An error appeared when admins upgraded from Access Gateway version 2023.04.2 with VPN support disabled to version 2023.07.0 with VPN support enabled.

Release: 2023.4.2

Deployment date: May 1, 2023

Download: Okta Admin Console (SettingsDownloads)

Release summary

Okta Access Gateway version 2023.4.2 is now Generally Available. This release includes new features, bug fixes, security enhancements, and updated documentation.

Install this version

  1. Sign in to the Access GatewayManagement console.
  2. Select 5 - System2 - Install Package.
  3. When the installer prompts you for a package name, enter okta-mgmt-user-2023.4.2-e8a4b9429 and press Enter.
  4. When the upgrade has completed, close the Management console.
  5. Open the Management console and sign into it again.
  6. Verify that the version number 2023.4.2 appears at the bottom of the screen.
  7. Select 5 - System4 - Update and follow the prompts to update the remaining Access Gateway packages.
  8. Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.

Features and enhancements

Default host certificate updates

Admins can now map a certificate and configure the default virtual hostname using a new setup wizard. See Associate a default host certificate using the Access Gateway Admin UI console.

cURL testing in the Access Gateway console

Admins may now test connectivity to URLs using cURL directly from the Access Gateway console. This enables admins to run these tests themselves without contacting Okta Support. See Manage network interfaces.

Maximum file size for Access Gateway log

The maximum size for log files has been increased to 20 gigabytes. This prevents error messages from appearing if log file sizes exceed the previous maximum size. See Logging.

Universal Logout

Universal Logout provides the ability to terminate all Access Gateway app sessions when a user signs out of a protected app. See Access Gateway and sessions.

FIPS mode

Admins may now choose to enable Federal Information Processing Standards (FIPS) mode to provide cryptographic protections compatible with United States Federal Government standards to Access Gateway. This feature enables admins to enhance the security of their Access Gateway environment and comply with US government standards where required. See Enable FIPS mode .

Expanded load balancer health check path

The load balancer health check path has been expanded to accept 100 characters. See Enable Access Gateway load balancing in an application.

Fixes

  • OKTA-551587: When users accessed an app that redirected to another resource, Access Gateway added an extra forward slash to the resource path.
  • OKTA-497763: Outdated Twig libraries were used in Access Gateway.
  • OKTA-526494: User-defined attributes, such as UserName, conflicted with predefined attribute labels.
  • OKTA-535164: The browser session expiration settings didn't allow Access Gateway to access an adaptive policy without re-authentication. They also resulted in internal server errors during sign-out events.
  • OKTA-553387: The load balancer health check failed for all HTTP status codes except for 200, and admins couldn't add new HTTP status codes.
  • OKTA-556826: The Access Gateway console froze when a public domain was entered manually into the Public domain field.
  • OKTA-556939: The Access Gateway console didn't display the correct operating system version number.
  • OKTA-559417: Default static routes reappeared after rebooting.
  • OKTA-560944: The Access Gateway admin user interface only displayed 20 assigned groups even though more had been assigned.
  • OKTA-561405: Access Gateway sometimes returned an error when attempting to load the Access Gateway favicon without an active session.
  • OKTA-579650: When the "Browser Session Expiration" setting was enabled, users received the error message "Load Balancing Session Not Found" if they attempted to sign in after their session expired.
  • OKTA-580045: Admins couldn't add advanced configurations when creating apps in Access Gateway.
  • OKTA-585626: The load balancer health check didn't use the port specified in the protected web resource.
  • OKTA-592801: Users couldn't sign in to Access Gateway when HTTP calls weren't allowed in the environment.
  • OKTA-535390: Setting NTP servers in the management console didn't remove the default pool.

Release: 2022.11.02

Deployment date: November 29, 2022

Download: Okta Admin Console (SettingsDownloads)

Release summary

Okta Access Gateway version 2022.11.02 is now Generally Available. This release includes security enhancements and bug fixes.

Reboot the node after you complete the upgrade. See the Reboot section of System menu for instructions.


Release: 2022.11.0

Deployment date: November 4, 2022

Download: Okta Admin Console (SettingsDownloads)

Release summary

Okta Access Gateway version 2022.11.0 is now Generally Available. This release includes security enhancements.


Release: 2022.10.0

Deployment date: October 5, 2022

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway version 2022.10.0 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Features and enhancements

Google Cloud Platform VM available

Okta Access Gateway customers can now download and deploy the Access Gateway virtual appliance on Google Cloud Platform. See Google Cloud Platform deployment tasks.

Fixes

  • OKTA-445121: The OS version displayed by the Admin Setup Wizard was incorrect.
  • OKTA-447719: After reboot, default routes on secondary interfaces were restored.
  • OKTA-449488: After upgrading to OAG 2021.1.1, trusted hosts were not being created when an OAG app was added.
  • OKTA-468855: RPM error messages were incorrectly displayed during upgrade tests.
  • OKTA-474030: When processing favicon.ico for a protected application, a DNS error occurred that caused issues with future favicon.ico lookups.
  • OKTA-477489: The message of the day displayed to users was imprecise.
  • OKTA-479586: The management console on Oracle Enterprise Linux didn’t display route information.
  • OKTA-479800: The OpenTelemetry menu didn't follow the standard console menu format.
  • OKTA-484136: Installing OAG in AWS automatically installed the AWS Systems Manager Agent.
  • OKTA-488011: When setting up Active Directory as a Local Auth Module, some information was processed incorrectly.
  • OKTA-499477: After rebooting, some expected routes were missing.
  • OKTA-500290: In OAG 2022.3, unable to add worker nodes after renomination.
  • OKTA-500385: Enabling Health Check caused load balancing to incorrectly appear as unhealthy, which prevented access to resources.
  • OKTA-524668: When a worker node was reset, the oag-admin service wasn’t enabled.

Release: 2022.3.1

Deployment date: March 9th 2022

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway version 2022.3.1 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Features and enhancements

Fixes

  • OKTA-460824 — Unexpected connection interrupts in the Access Gateway Management console caused /etc/hosts to be truncated.
  • OKTA-464909 — After Access Gateway was updated to version 2022.2.3 or prior reverting, certificates failed to revert to the default *.admin certificate.
  • OKTA-465432 — Load-balanced protected web resources showed status healthy before actual status was determined.
  • OKTA-471190 — After an Admin node was upgraded Access Gateway version 2022.2.3, Worker nodes were unable to synchronize.

Release: 2022.2.3

Deployment date: February 3rd 2022

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway version 2022.2.3 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Features and enhancements

  • Access Gateway administrators can now configure load balancing directly in the Admin UI console. Administrators are no longer required to use external load balancing products. Access Gateway can now enable load balancing by application, configure multiple protected web resources, weigh web resources to determine request routing, and enable and track protected web resource health. Access Gateway load balancing is disabled by default, but can be easily enabled and configured from without the Admin UI console for each application instance.
    See Load balancing, Health checks for load balancing, and Enable Access Gateway load balancing in an application for more information.
  • Access Gateway administrators can now use Prometheus and Open Telemetry to monitor the health of Access Gateway instances and clusters. With this update, administrators can monitor Access Gateway in real time, examining a wide range of metrics including Cluster, Disk, CPU, I/O, Networking and more. The monitoring metrics interface is disabled by default, but can be enabled and secured against known IP addresses. In addition, a monitoring package, such as Prometheus.io, should be configured to display metrics and metrics-based queries. See Monitoring metrics, Configure metrics monitoring, and Supported metrics for more information.

Fixes

  • OKTA-446183 - After upgrade to Access Gateway version 2021.11.2, the SNMP agent reported the incorrect node hostname for MIB .1.3.6.1.2.1.1.5.0.
  • OKTA-447523 - Attempts to delete an in-use certificate with the Access Gateway Management console failed.

Release: 2022.1.1

Deployment date: January 12th 2022

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway version 2022.1.1 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Features and enhancements

Access Gateway application documentation has been updated to:

Boot strap for Amazon Web Services now available, which defines a minimum AWS deployment for development or test use. See Bootstrap Access Gateway with Amazon Web Services

Fixes

  • OKTA-446257 - After upgrade to Access Gateway version 2021.11.2 the Management console Settings tab can't be displayed.

Release: 2021.12.2

Deployment date: December 8th 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway version 2021.12.2 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Features and enhancements

Fixes

  • OKTA-378736 - Access Gateway didn't support sudo command auditing.
  • OKTA-450503 - After upgrading to Access Gateway version 2021.11.2 valid LDAP store passwords containing dashes (-) and underscore (_) were rejected.

Release: 2021.11.2

Deployment date: November 3rd 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway version 2021.11.2 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Features and enhancements

  • Access Gateway application documentation has been updated to include configuring Oracle Cloud Infrastructure(OCI) load balancers. See Configure OCI load balancers.

Fixes

  • OKTA-301413 - Access Gateway displayed the default favorite icon rather than the protected web application favorite icon.
  • OKTA-412967 - When admins specified duplicate URIs for application behaviors login, logout, or error, validation silently failed and Access Gateway failed to restart.
  • OKTA-425047 - Access Gateway displayed the incorrect operating system version.
  • OKTA-426851 - Large file upload failed with DNS errors due to shorter-than-expected DNS time to live (TTL) values.
  • OKTA-435826 - After upgrade to Access Gateway v2021.10.2, certificates weren't displayed in the Admin UI console but were visible in the Management console.
  • OKTA-436071 - When a previously valid local IDP was saved, the Admin UI console displayed KeyError: 'privatescheme' and didn't save the definition.

  • OKTA-437366- When workers were being added to an Access Gateway cluster, specifying the admin node as a cluster member caused the Admin UI console to be unavailable. Access Gateway version 2021.11.2 and later prohibit this operation.

Release: 2021.10.2

Deployment date: October 6th, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway version 2021.10.2 is now Generally Available. This release includes bug fixes, security enhancements, and updated documentation.

Features and enhancements

  • Access Gateway application documentation has been expanded to include a collection of common application and system tasks. The Common application integration tasks pages detail common tasks performed on applications after configuration. The Manage Access Gateway day to day pages have been reorganized to better describe common Access Gateway system level post deployment tasks.

Fixes

  • OKTA-367737 - Certificates that were successfully uploaded appeared twice when later added to an application.
  • OKTA-394119 - When end users attempted to access a protected web resource over HTTP on port 80, the wrong Resource not found page was displayed.
  • OKTA-416538 - When admins saved allowed IP addresses for Basic monitoring, the full path to configuration file was displayed.

Release: 2021.9.3

Deployment date: September 8th, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway version 2021.9.3 is now Generally Available. This release includes new features, bug fixes, and updated documentation.

Important updates

  • The operating system that powers Access Gateway has been updated to take advantage of better support, increased security and stability features, and performance benefits. Customers should not expect any visible differences and are not required to upgrade at this time. Note that in late 2022 we expect to stop supporting older OS versions, particularly CentOS .
    For details on how to upgrade now, see Access Gateway OS.

Features and enhancements

  • Okta Access Gateway now offers the ability to upgrade to a specific version of Access Gateway instead of requiring an upgrade to the latest released version. With this feature, admins now have the option to upgrade to an intermediate version that best meets their needs. Any version released later than the current version is eligible to upgrade to
    Note, selective upgrade is introduced in version 2021.9.3 and will only show intermediate versions as they are released. Selective upgrade is not available prior to version 2021.9.3. See Selective upgrade and Upgrade Access Gateway to a specific version

Fixes

  • OKTA-402842 - When accessing a deep link without a session, and where no session was set to force re-authentication, users were directed to the post login URL instead of the requested URL.
  • OKTA-403972 - Connectivity tests failed if the proxy setting contained a hypen.
  • OKTA-409922 - If a rate limit violation occurred when an application was edited, Access Gateway displayed “application out of sync and needs to be recreated.”
  • OKTA-417066 - Error messages were incorrectly logged by the Open Telemetry metrics collector.
  • OKTA-419103 - When configuring EBS classic applications, correctly configured OID connections displayed errors when validated.
  • OKTA-419682 - After an upgrade the rest basic status endpoint reverted to its default name.

Release: 2021.8.0

Deployment date: August 4th, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2021.8.0 is now Generally Available. This release includes bug fixes, and updated documentation.

Features and enhancements

  • Okta Access Gateway now has its own dedicated help site: Okta Access Gateway.
    This enhancement offers direct access to independent online help for Access Gateway from help.okta.com.
    Benefits include:

    • Compactly designed, product-centric content
    • Streamlined navigation
    • More efficient content updates and responsiveness to customer feedback

Fixes

  • OKTA-352354 - After logging verbosity was set to ERROR, DEBUG messages were still written to the local log.
  • OKTA-403265 - When an application custom policy was modified to include un-encodable characters, the application was no longer served by Access Gateway.
  • OKTA-414728 - After a high availability worker node was reset, the Access Gateway service wouldn't start.
  • OKTA-416281 - Configuration couldn’t be exported after the bootstrap service was enabled.
  • OKTA-415018 - If a certificate with spaces in the CN name was uploaded, Access Gateway failed and couldn’t be restarted.

Release: 2021.7.3

Deployment date: July 8th, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2021.7.3 is now Generally Available. This release includes enhancements, bug fixes, and updated documentation.

Features and enhancements

  • Okta Access Gateway now has its own dedicated help site: Okta Access Gateway. This enhancement offers direct access to independent online help for Access Gateway from help.okta.com.
    Benefits include:

    • Compactly designed, product-centric content
    • Streamlined navigation
    • More efficient content updates and responsiveness to customer feedback
  • Okta Access Gateway customers can now download and deploy the Access Gateway virtual appliance on Nutanix Acropolis Hypervisor (Nutanix AHV) a popular hyper-converged infrastructure platform among larger organizations. This provides customers with more options for infrastructure services supported by Access Gateway, including AWS, OCI, VMWare, and now Nutanix.
    See Nutanix deployment for more information.
  • Access Gateway administrators can now use a REST api to pull important Access Gateway performance metrics to monitor the health of their Access Gateway clusters. This is especially beneficial when managing large Access Gateway deployments. With this update, administrators will now be able to see the requests volume for each Access Gateway cluster, number of processed requests, and more. The new REST interface is disabled by default, but can be enabled and secured against only known IP addresses. For added security the endpoint name can be changed at an administrator's discretion.
    See Managing REST API monitoring and Basic REST API monitoring for more information.
  • Protected-policy rule regular expression examples have been updated to support situations where a group occurred last in the expression and was followed by a new line, or the group was not followed by a separator.
    See Protected rule resource matching rule expressions for more information.
  • Access Gateway SNMP now reports the OID (.1.3.6.1.2.1.1.2.0) and SysUptime (.1.3.6.1.2.1.1.3.0) elements.
    See Administer SNMP monitoring for a complete list of reported object ids.

Fixes

  • OKTA-343555 - After successfully establishing a Support VPN connection with a proxy in use, Access Gateway reported a connectivity issue.
  • OKTA-366171 - When an application session timeout was specified with Maximum session duration configuration enabled and Browser and Idle Session configuration disabled, the session cookie duration was reset on page refresh.

Release: 2021.6.2

Deployment date: June 3rd, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2021.6.2 is now Generally Available. This release includes enhancements, bug fixes, and updated documentation.

Enhancements

  • The Access Gateway SessionCookie field has been renamed to SessionCookieHFL16428SINFE71QMY4V to avoid conflicts with third party cookies.
  • Logout behaviors which specified Use application logout page and a custom logout URL will be automatically migrated to Define a custom logout URL on next configuration change.
    Application behavior remains unchanged.

  • Access Gateway documentation now includes reference architectures for protected application architectures.

Fixes

  • OKTA-337539 - When data store attributes with long Field name values were added or modified, the Access Gateway Admin UI console became unresponsive.
  • OKTA-370270 - Access to Oracle EBS applications intermittently failed and the log message EBS Access Service is not available was displayed in audit logs.
  • OKTA-390524 - When an admin modified a custom policy configuration, syntax errors in previously valid policy custom were not detected.
  • OKTA-394715 -When the SameSite cookie attribute was unset in the Chrome browser, SAML assertions posted to Access Gateway from an Okta org didn’t contain cookies and the resulting requests weren’t mapped to existing sessions.

Release: 2021.5.2

Deployment date: May 4th, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2021.5.2 is now Generally Available. This release includes enhancements, bug fixes, and updated documentation.

Known issues

  • Syntax errors in a previously valid policy custom configuration can be undetected. Okta recommends that you validate any updated policy custom configuration statements with a new policy that's only used to validate the policy code, and that you discard immediately after validation.

    See Develop advanced Access Gateway policy for more information on creating anadvanced policy.

Enhancements

Fixes

  • OKTA-320126 - After admin renomination was successfully completed, the Access Gateway Management console incorrectly displayed a final status of FAILURE RC=-15.
  • OKTA-362259 - Admins were able to save settings where Idle session duration exceeded Maximum session duration. Additionally, after correcting the error, corrected settings could not be saved.
  • OKTA-366367 - Log rotation failed in Access Gateway versions 2020.12.3 and 2021.1.0.
  • OKTA-370756 - When using the Access Gateway Management console was used to replace a self-signed certificate with a real certificate, an error message briefly appeared and the certificate is not replaced.
  • OKTA-372417 - When the Access Gateway Admin UI console was used to enter a valid protected group rule containing the special character dollar sign($), the rule passed validation but failed back end validation silently.
  • OKTA-377415 - After Access Gateway was upgraded from 2020.2.1 accessing the admin hostname over http on port 80 displayed the wrong Resource not found page.
  • OKTA-380448 - If Force reauthentication at IDP was specified, and no session existed, a SP-initiated login resulted in a Resource not found error.
  • OKTA-381066 - When an application defined logout behavior with a custom URL was specified, and Single LogOut (SLO) was enabled, the custom URL was ignored.


Release: 2021.4.1

Deployment date: March 31st, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2021.4.1 is now Generally Available. This release includes new features, bug fixes, and updated documentation.

Features

  • Admins can now define Protected Web Resources which are not currently active, generating a warning rather than an error and allowing the application definition to be completed.

Enhancements

Fixes

  • OKTA-366166 - When specifying application session timeouts, admins could disable all session behaviors, which resulted in user reauthentication requests even when the Maximum Session Duration had not been exceeded.
    See Application session timeout interaction for details.
  • OKTA-376110 - Enabling debug mode after upgrading Access Gateway instances to version 2021.02.1 on CentOS 7 caused the Access Gateway Admin UI console and applications to be inaccessible.
  • OKTA-377724 - After updating to the latest release, Access Gateway instances that had previously changed the default Access Gateway Management console password were required to change it again.

Release: 2021.3.6

Deployment date: March 4, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2021.3.6 is now Generally Available. This release includes new features, bug fixes, and updated documentation.

Features

Enhancements

Fixes

  • OKTA-356503 - After removing all workers from a high availability cluster re-adding a second or subsequent worker failed with synchronization errors.
  • OKTA-366367 - On Access Gateway versions 2020.12.3 and 2021.1.0 log rotation sometimes failed with an error.
  • OKTA-367735 - After a certificate was successfully deleted, the Access Gateway management console continued to display the deleted certificate.
  • OKTA-372468 - When a no proxy list was specified with an Access Gateway proxy, configuration errors occurred because the list was ignored.

Release: 2021.2.1

Deployment date: February 3, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2021.2.1 is now Generally Available. This release includes new features, bug fixes, and updated documentation.

Features

  • Access Gateway now supports both case-sensitive and insensitive policy URIs. Case-insensitive URIs allow customers to apply the same URI policy regardless of case. This helps admins create a single policy for all case variations instead of managing multiple advanced policies for the same URI. Creating one policy for all case variations saves admins time and makes URIs less vulnerable.
    Because most customers want to treat URIs of different case variants as the same resource, case-insensitive URIs will become the default behavior for all new policies starting with v2021.2.1. Existing policies created prior to v2021.2.1 remain unchanged and will continue to be case-sensitive.
    Okta recommends that customers review all existing policy statements to confirm their behavior matches expectations.
    See Application policy Resource Path precedence and Manage application policy for more information.

Enhancements

Fixes

  • OKTA-320621 - During Oracle EBS app integration, selecting an OID Data Source would cause the associated attribute to be removed from the attribute list and caused all application settings to be uneditable.
  • OKTA-340130 - In situations where a DHCP assigned IP address was not assigned to Access Gateway, the syslog-ng service wouldn't start and the Access Gateway Management console would be unavailable.
  • OKTA-350962 - In the Chrome browser, because the SameSite application attribute was set to none rather than true, requests that originated from a different application resulted in the error iframe is not able to share cookies from browser."
  • OKTA-353959 - When using static networking, the Access Gateway Management console couldn't persist network setting changes if no DHCP server was available.
  • OKTA-361165 - When application session settings were configured as:

    • Browser Session Expiration: disabled
    • Idle Session Duration: disabled
    • Maximum Session Duration: enabled

    Cookies were incorrectly marked as session rather than persistent, and required the user to re-authenticate after reopening the browser, even if maximum session duration hadn't been exceeded.


Release: 2021.1.0

Deployment date: January 9, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2021.1.0 is now Generally Available. This release includes new features, bug fixes, and updated documentation.

Features

Enhancements

Fixes

  • OKTA-327549 - When a certificate previously associated with an application was deleted on the Access Gateway Management console and application changes were later made on the Access Gateway Admin UI console, user requests for the original application returned Unknown Host.
  • OKTA-329724 - When Browser Session Expiration was enabled on the Access Gateway Admin UI console and the browser session had not expired but reached either idle or maximum session limit, users were unexpectedly redirected to the No session / Session Expired link.
  • OKTA-351762 - On CentOS8, the Access Gateway Management console sometimes displayed subject information for certificate issuer instead of certificate name.

Release: 2020.12.3

Deployment date: December 15, 2021

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2020.12.3 is now Generally Available. This release includes new features, bug fixes, and both new and updated documentation.

Important notes

  • Oracle VirtualBox is only supported for development and testing and is not intended for production use.
  • An upgrade to the Access Gateway Admin UI components is causing the text in the topology view to be enlarged on some browsers. This will be resolved in a future release.

Features

Enhancements

Fixes

  • OKTA-322679 - When Access Gateway had multiple network interfaces, some interfaces didn’t return the instance hostname, and localhost was reported in corresponding log messages.
  • OKTA-350471 - When Access Gateway 2020.11.2 was deployed to VMWare vSphere on a DHCP-disabled network, the instance became unusable if an invalid IP/netmask combination was specified.


Release: 2020.11.2

Deployment date: November 9, 2020

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2020.11.2 is now Generally Available. This release includes vulnerability hardening, new features, bug fixes, and both new and updated documentation.

Features

Enhancements

Fixes

  • OKTA-301413 -Access Gateway returned the default Access Gateway icon instead of the protected web resource icon.
  • OKTA-340130 - When Access Gateway was not assigned a DHCP IP address, the network service failed to start and the Access Gateway Management console failed to start after logging in.
  • OKTA-329128 - When validating database-based datastores, valid Table names were evaluated as invalid unless Advanced query mode was enabled.


Release: 2020.10.5

Deployment date: October 12, 2020

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2020.10.5 is now Generally Available. This release includes bug fixes, and both new and updated documentation.

Important updates
  • The operating system that powers Access Gateway has been updated to take advantage of the more modern capabilities, security features, and performance benefits. Customers should not expect any visible differences and are not required to upgrade at this time. Please note, in late 2021 we expect to stop supporting older OS versions.
    For details on how to upgrade now, see Access Gateway OS

Enhancements

Fixes

  • OKTA-324582 - When adding or modifying applications, valid IP addresses entered in the Public Domain field failed validation with Invalid domain format errors.

Release: 2020.9.3

Deployment date: October 12, 2020

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2020.9.3 is now Generally Available. This release includes enhancements, bug fixes, and both new and updated documentation.

Enhancements

Fixes

  • OKTA-300184 - When using the Access Gateway Admin UI console to update an application, the updates overwrote the Okta org Cross-Origin Resource Sharing (CORS) settings.
  • OKTA-313764 - When configuring the No Session/Session Expired setting on the Access Gateway Admin UI console to force reauthentication, the Resource not found error occurred.
  • OKTA-324392 - When the number of entries for a given host name decreased before a valid Domain Name System (DNS) host name resolution request was initiated, the error attempt to index a nil value appeared in the Lua log and the process timed out.
  • OKTA-325103 - After an upgrade where the Access Gateway node was using a proxy, the Access Gateway Admin UI console would become unreachable with error Admin UI service is not Available.
  • OKTA-325545 - When using the Access Gateway Admin UI console to add or modify an application, valid URLs failed to resolve and the error Domain must resolve in DNS and connect with TCP/IP appeared.

Release: 2020.8.4

Deployment date: August 12, 2020

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2020.8.4 is now Generally Available. This release includes bug fixes only.

Fixes

  • OKTA-321124 - When validating an advanced policy directive, valid directives failed with a Config generation error.

Release: 2020.8.3

Deployment date: August 6, 2020

Download: Okta Admin Console (Settings > Downloads)

Release summary

Okta Access Gateway 2020.8.3 is now Generally Available. This release includes new features, bug fixes, and both new and updated documentation.

Features

Enhancements

  • Documentation has been enhanced to include new log events in support of Trusted domains, Admin renomination and Certificate management.
    See Monitor log Access Gateway monitor log for more information.
  • Documentation restructured and extended for Monitor, Access and Audit logs.

Fixes

  • OKTA-277067 - When adding worker nodes to an Access Gateway cluster, the immutable flag for resolve.conf was not reset, leading to potential DNS issues.
  • OKTA-304742 - Applications updated using the Access Gateway Admin UI console overwrote some Okta Org application settings.
  • OKTA-278891 - Corrects an issue with unauthenticated open redirects.

Release: 2020.7.1

Deployment date: July 7, 2020

Download: Okta Admin Console (Settings > Downloads)

Release summary

The Okta Access Gateway 2020.7.1 is now Generally Available. This release includes new features, bug fixes, and both new and updated documentation.

Features

Enhancements

Fixes

  • OKTA-270300 - In some situations, the Access Gateway Management console didn’t accurately reflect the latest updates.
  • OKTA-270924 - After upgrading to the latest version of Okta Access Gateway, the child menu elements in the Access Gateway Management console still displayed the previous version number.
  • OKTA-294411 - After restoring from a previous backup to a new instance of Okta Access Gateway, the Access Gateway Admin UI console displayed an error message “Admin UI has invalid token.
  • OKTA-297153 - Attributes weren't correctly persisted to LDAP data stores during concurrent updates.
  • OKTA-303208 - During upgrades benign errors were displayed.
  • OKTA-303956 - When using the Access Gateway Management console, admins were able to enter invalid DNS entries.
  • OKTA-304058 - When checking advanced policy during a session timeout where a session integrity check failed, an incorrect error code was returned.
  • OKTA-306020 - After upgrading from Access Gateway 2020.1.0 to 2020.6.3, Admins were unable to login to the Access Gateway Admin UI console. This also happened when upgrading from 2019.4.2 and 2019.4.5 to 2020.6.3.
  • OKTA-309427 - The default Access Gateway error page had a typo.

Release: 2020.6.3

Deployment date: June 3, 2020

Download: Okta Admin Console (Settings > Downloads)

Features

  • Administrators can now delete and rename backups in the Access Gateway Admin UI console.
    For more information see Backup reference.

Enhancements

Fixes

  • OKTA-254374 - When localhost was configured as the DNS nameserver, the Access Gateway Management console displayed the loopback address instead of the hostname.
  • OKTA-286718 - Adding a high availability worker node to an Access Gateway cluster failed with an initialization error.
  • OKTA-288224 - When an Access Gateway disk was at or near full capacity, the SNMP agent stopped working.
  • OKTA-295495 - Duplicate log entries were created when some SNMP error messages were incorrectly marked as INFO instead of ERROR.
  • OKTA-295590 - In some situations, during initial session creation when submitting forms, Access Gateway would redirect GET requests as POST requests.
  • OKTA-298878 - When trying to remove an LDAP data store on the Access Gateway Admin UI console, some data stores incorrectly reported their status as in use.
  • OKTA-298939 - On high availability clusters, worker node events were missing when capturing log events using system loggers.

Release: 2020.5.5

Deployment date: May 5, 2020

Download: Okta Admin Console (Settings > Downloads)

Features

Enhancements

  • Documentation added for Oracle Hyperion applications.
  • Documentation added for Oracle BI Enterprise Edition applications.
  • Documentation added for Oracle Demantra applications.
  • Target specific download links added for Amazon EC2, Microsoft Azure, and VMWare virtual environments.
  • User authentication events are now written to logs.

Fixes

  • OKTA-283885 - In some situations, the Network Connectivity Test in the Access Gateway Management console would fail with an invalid host name error for valid hosts.
  • OKTA-290632 - Access Gateway didn't honor the maximum session duration setting. Some sessions were still valid after the maximum session duration was exceeded.
  • OKTA-291181 - When there was no user session and the behavior Force reauthentication at IdP was enabled, reauthentication didn't occur as expected.

Release: 2020.4.4

Deployment date: April 8, 2020

Download: Okta Admin Console (Settings > Downloads)

Features

Enhancements

Fixes

  • OKTA-275433 - When importing attributes in datastore’s, commas were inserted at the start and end of the attribute list. Removing the commas resulted in a partial list.

Release: 2020.3.3

Deployment date: March 3, 2020

Download: Okta Admin Console (Settings > Downloads)

Enhancements

Fixes

  • OKTA-275362- When modifying the field list in an existing LDAP datastore, removing all fields resulted in a field list with a single non-editable field with a blank name.
  • OKTA-278510 - When initially accessing the Access Gateway Management console, the string "Repodata is over N weeks old. Install yum-cron? Or run yum makecache fast." was inadvertently displayed.
  • OKTA-280578 - After upgrading from Access Gateway version 2020.01.0 or earlier, configuring high availability through the Access Gateway Management console caused the console to stop responding.
  • OKTA-280615 - After upgrading from Access Gateway version 2020.1.0 or earlier, when attempting to place an application in maintenance mode, the Access Gateway Admin UI console would redirect to the application page rather than the maintenance page.

Release: 2020.2.1

Deployment date: February 13, 2020

Download: Okta Admin Console (Settings > Downloads)

Features

  • High Availability is now available.

Enhancements

Fixes

  • OKTA-257420 - When the system time was updated through the Access Gateway Management console, the User-Defined Cookie Domain value and Access Gateway Hostname values were reset.
  • OKTA-274930 - The Unbound networking service log events weren't being captured to the syslog.
  • OKTA-274975 - When using the Access Gateway Admin UI console to create or update EBS applications in high availability clusters, the changes weren't propagated to worker nodes.
  • OKTA-275416 - When performing updates on worker nodes in high availability clusters, the bootstrap process produced an invalid configuration causing the node not to start.
  • OKTA-275757 - The Okta Access Gateway update process deleted the high availability configuration file on admin nodes.
  • OKTA-276986 - When using the Access Gateway Admin UI console to configure datastore definitions in high availability clusters, definitions with names that contain spaces weren't synchronized with worker nodes.

Release: 2020.1.0

Deployment date: January 8, 2020

Download: Okta Admin Console (Settings > Downloads)

Features

  • Documentation is enhanced for examples applications.

Enhancements

Fixes

  • OKTA-252228 - When setting the system time via the Access Gateway Management console (Services > NTP > Set system time), the current date and time was not displayed.
  • OKTA-252305 - When escaping from either of the NTP entry menus the user was returned to the Services menu rather than the NTP menu.
  • OKTA-258911 - When changing session cache, the fixed MB example shows 100MB for the 1000MB example. For more information see the Command Line Console > Services menu.
  • OKTA-262774 - When resetting the system using the management console (System> Reset) Access Gateway as incorrectly identified as SPGateway.
  • OKTA-269513 - When configuring NIC bonding using the management console (Networking >Setup NIC bonding)
    "Error command not found" was displayed and the command failed.

Release: 2019.4.5

Deployment date: December 1, 2019

Download: Okta Admin Console (Settings > Downloads)

Features

  • Access Gateway has been hardened around certain vulnerability issues.
  • Documentation is enhanced for applications, and capacity planning.

Enhancements

Fixes

  • OKTA-258541 - Okta Access Gateway upgrades incorrectly prompted for passwords via sudo.
  • OKTA-257725 - Okta Access Gatewayupgrades failed with EBS SSO Agent errors.

Release: 2019.4.2

Deployment date: October 31, 2019

Download: Okta Admin Console (Settings > Downloads)

Features

  • Access Gateway has been hardened around certain vulnerability issues.
  • Documentation is enhanced for applications, capacity planning and sizing, and ports and protocols. See Access Gateway deployment prerequisites for more information.

Enhancements

Fixes

  • OKTA-245678 - Validation failed when API token is Org + App Admin-scoped.
  • OKTA-252302 - Input validation errors caused Access Gateway to unexpectedly delete ciphers.
  • OKTA-256348 - AutoSession expired when user session creation exceeded one second.
  • OKTA-256778 - NGINX did not restart when updated certificates were in place.
  • OKTA-256796 - Hostname updates in the management console displayed an error.

Release: 2019.2.0

Deployment date: October 2, 2019

Download: Okta Admin Console (Settings > Downloads)

Features

  • Admins can now use the Access Gateway Management console to upgrade their instance of Access Gateway. For more information see Upgrade Access Gateway .
  • Admins can more easily add, update and manage certificates. For more information see Manage certificates and certificate chains.
  • All Access Gateway product and documentation has been updated and re-branded.

Fixes

  • OKTA-249758 - Okta Access Gateway updated to address a reporting error during start up.
  • OKTA-249457 - Okta Access Gateway has been updated to correctly reload its configuration on start or restart.
  • OKTA-247108 - When configuring static networks DNS server is now set correctly.
  • OKTA-244460 - On application logout Access Gateway now correctly destroys session cookies in Internet Explorer 11.
  • OKTA-244453- When editing an existing IWA application, Kerberos realm drop down list is populated with realm selected while adding the application.
  • OKTA-242871- Rapid SSO w/EBS updated to support Internet Explorer.
  • OKTA-251020- Management console now displays memcache statistics.
  • OKTA-249510- Access Gateway Management console enable/disable debug option now functions as expected.
  • OKTA-240656- Duplicate realms no longer displayed when setting Kerberos realm in IIS IWA applications.
  • OKTA-240544- Mixed case public domain entries are now correctly treated as all lower case.
  • OKTA-251603- Application short name is now visible via tooltip when mouse hovers over the application name in the Admin UI.
  • OKTA-243275- Access Gateway Admin UI console now raises errors when invalid domain names are entered due to illegal characters.
  • OKTA-241517- Access Gateway now supports certificate generation in the advanced application settings.
  • OKTA-241516- Empty Protected Web Resource field are now handled correctly.
  • OKTA-241515- Access Gateway now supports custom delimiters and disabling default csv splitting for attribute import.