Okta Identity Governance release notes

Separation of duties is generally available in Preview environments

Use Separation of duties (SOD) rules to define which combinations of entitlements create conflicts of interest in an org. Divide tasks and responsibilities using these rules so that the same user in an org doesn't have control over all aspects of a critical process. You can configure SOD rules to help reduce the risk of error, fraud, or unauthorized actions. With SOD rules, you can adopt a two-pronged approach to manage conflicting entitlement assignments – preventative and remediative.

• Use Access Requests to specify whether users are allowed (or allowed with custom settings) or blocked from requesting access that can cause an SOD rule conflict. You can also run the Past Access Requests (Conditions) report to view access requests that have an SOD rule conflict using the Conflict name column.

• Use Access Certifications to review and remediate existing user access if they have an SOD rule conflict by running a resource campaign.

See Separation of duties, Configure settings for access requests, and Create resource campaigns.

User-friendly group display name and description is generally available in Preview environments

Use the endUserDisplayName and endUserDisplayDescription group profile attributes to set a display name and description for an Okta group. After you set these, they are visible to requesters and approvers and provide context when they request or approve access. See Update group profile attributes for Access Requests.

Visibility for Entitlement value description

The Entitlement value description option is now available in the Contextual Information section on the Access Certifications Settings page. This option allows reviewers to view the description of an entitlement value for entitlements (including entitlements in a bundle) in the Review details panel for a review item. Additionally, admins and reviewers can also select the Entitlement value description option from the Customize view menu to add that as a column in their review table.

New look and feel in Access Requests is generally available in Preview environments

The Access Requests console and Okta Access Requests web app now have a new look and feel, including redesigned side and top navigation menus and the addition of a gray background. Additionally, Dark mode is no longer available in the Access Requests.

Fixes

• Admins were unable to access the Resource Collections page in orgs whose authentication policy triggered a redirect flow. (OKTA-899711)