|Change||Expected in Preview Orgs|
|PKCE for Browser Clients, CORS Headers for OAuth 2 Token Endpoint||March 20, 2019|
|Bugs Fixed in 2019.03.2||March 20, 2019|
Okta now supports Proof Key for Code Exchange (PKCE) for browser clients and returns CORS headers on the OAuth 2.0 Token endpoints.
passwordChangedvalues in API responses. (OKTA-210233)
attributeStatementsobject would not update if a
nullvalue was passed as part of a PUT operation. (OKTA-209767)