Edit Page

Release 2017.30

Platform Features

These platform features are GA in preview orgs (as of Release 2017.28), and expected to roll out as GA to production orgs during the week of August 7, 2017:

This platform feature enhancement is EA in preview orgs with this release and expected in production orgs the week of July 31, 2017. To enable an EA feature, contact Okta Support.

For information about Early Access (EA) and General Availability (GA), see Okta Release Lifecycle.

OpenID Connect

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, which allows computing clients to verify the identity of an end user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end user in an interoperable and REST-like manner. In technical terms, OpenID Connect specifies a RESTful HTTP API, using JSON as a data format.

OpenID Connect allows a range of clients, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end users. The specification suite is extensible, supporting optional features such as encryption of identity data, discovery of OpenID Providers, and session management.

Okta is certified for OpenID Connect. For more information, see OpenID Connect and Okta.

Key Rollover

We provide the ability to generate a certificate with specified validity period (see the Apps API and Identity Providers API). We build OpenID Connect and API Access Management on this feature.

Email for Two-Factor Authentication

You can enroll a user with an email factor. See Enroll Okta Email Factor for details.

Platform Bugs Fixed

These platform bug fixes are in preview orgs with this release and expected in production orgs the week of July 31, 2017.

  • Under some circumstances users who did not have a secondary email address could not perform a self-service password reset operation. (OKTA-128340)

  • “When the expand parameter was set in GET requests to /api/v1/groups, the second and subsequent pages of the response did not have the same expand setting. (OKTA-132503)

  • /oauth2/v1/clients returned HTTP status code 200 rather than 201 when creating a client successfully. (OKTA-128839)

  • /api/v1/authorizationServers returned HTTP status code 200 rather than 201 when creating an Authorization Server successfully. (OKTA-128839)

  • /oauth2/v1/clients/{clientId} returned HTTP status code 404 rather than 401 when it did not find the specified client. (OKTA-130804, OKTA-130848)

Does Your Org Have This Change Yet?

To verify the current release for an org, click the Admin button and check the footer of the Dashboard page.

Release Number in Footer

Looking for Something Else?