On This Page
Okta is changing system log data retention windows. System log data is available from
- For orgs created before July 17th, data older than six months will be removed.
- For orgs created on or after July 17th, data older than three months will be removed.
The new data retention policy starts:
- June 7, 2017 for existing preview orgs
- July 17, 2017 for existing production orgs
Preview and production orgs created on or after July 17, 2017, will retain log data for three months.
For the full data retention policy, see our Data Retention Policy (opens new window).
You can export data before Okta deletes it. We recommend using Security Information and Event Management (SIEM) technology or Okta's API.
When using a Social Identity Provider, you can request information in stages. The initial request to
/oauth2/v1/authorize can ask for a minimal set of scopes, and you can add scopes to collect additional user data in a subsequent request to the Social Identity Provider. This reduces friction during sign-in when users don't yet trust your app. For more information, see the descriptions of
idp_scope in the OAuth 2.0 API and OpenID Connect API parameter tables.
- If any sign-in policy using MFA existed for an application, the Open ID Connect reauthentication flow redirected to multi-factor authentication (MFA) by default. (OKTA-129094)
- Clients with
client_secret_postdid not have a selected radio button on the Client Credentials UI (Applications > application name > General). (OKTA-130764)
- If you created a SAML 2.0 Identity Provider but omitted some fields, Okta reported an error. (OKTA-131294)
- Okta Sign-In Widget failed to run when installed with
- Updates to clients sometimes received an error response if they contained values for
- API Access Management customers can no longer self-validate the Okta Access Token. (OKTA-131885)