• Fixed health status indicator link.
  • Fixed missing tooltips on resource, group, and app detail pages.
  • Fixed an issue where leading and trailing whitespace in access level names and remote IDs could cause unexpected behavior in access request.

Fix logic for evaluating conditions in request configurations.

  • Fixed an issue with missing app names in UAR when the app doesn't have the right visibility for the reviewer user.
  • On-prem Only: Update may be slow due to database update.
  • Added an option to enable automatic failsafes for Access Rules. Failsafes will trigger in case of pending large changes to the rule user membership and automatically pause the rule.
  • Access Rules can now be paused. User membership will not be automatically synced for paused rules.
  • Fixed an issue where indirect assignments to NHIs were not displaying correctly in the Resources table.
  • Added App Name under item to "Has Access To" column in UAR. This will aid assignments in case of groups or resources with the same name.
  • Forced logout due to an invalid auth session now preserves the current URL
  • Fixed an issue that may cause long 'propagation error' and access request slack messages to fail to send.
  • Improved error handling in access reviews to provide clearer feedback when user data cannot be loaded.
  • Fixes a caching bug loading information about the user who started and ended UARs.
  • Improvements to end user UAR item selection UI.
  • Most visited items page will now also show items with recent sessions for the end user.
  • Fixed an issue with incorrect redirect URLs when approving requests with OIDC MFA.
  • Fixed a bug where Workday validation errors were shown as "Opal Internal Errors".
  • Performance improvements for search and catalog.
  • Added a share button to end user item detail cards to let users easily share links to items.
  • Added description back to catalog item detail cards
  • Custom resources now show their app name in UARs.
  • (Self-Hosted only): Added an option to use Replicated's proxy registry in a helm-only install of Opal.
  • Fixed a bug where filtering events within an item detail page would redirect to the catalog.
  • Fixed a bug where admins would get an incorrect view of bundles in the catalog.
  • Updated UI for the 'Roles' tab on the item detail page.
  • Fixed an issue where Slack channels weren't getting deleted and/or their names were not updated in Opal.
  • Fixed an issue where a user's access expiration could not be updated from the user detail page.
  • Added app permission validations for Google Groups under the app's "Setup" page.
  • Access Reviews now display the app name for custom resources.
  • API: Fixed an issue where the /requests endpoint returned an unlimited amount of user access requests.
  • Fixed an issue causing AWS Identity Center Roles to get deleted when their provisioning status becomes "Outdated" in AWS. This only affected AWS connectors with the "Auto-import provisioned permission sets for each account" import setting.