On This Page
|Change||Expected in Preview Orgs|
|Logging of successful password import||May 6, 2020|
|Rate limit headers no longer returned on cached static endpoints||May 6, 2020|
|OAuth for Okta enabled for Trusted Origins, Sessions, and Custom Templates APIs||May 6, 2020|
|Updated behavior for logging of invalid use by OAuth 2.0 Client||May 6, 2020|
|Bugs fixed in 2020.05.0||May 6, 2020|
A System Log Event is now generated with details about the success or failure of the password import attempt when a user with an imported password has successfully signed in to Okta.
Rate limits do not apply to these OAuth public metadata endpoints, so rate limit headers will no longer be returned:
The previously announced logging behavior has been updated. Invalid
client_secret warnings are now triggered by 5 invalid attempts (consecutive or not) within a 24 hour period.
- When signing in a federated user using the
/oauth/v1/authorizeendpoint with consent enabled and the
promptparameter set to
login, the Sign-In Widget failed with an error. (OKTA-290760)