- Disambiguate whether the propagation ticket associated to a user is for a grant or revocation.
- Documentation update: Update UAR deadline examples to match ISO8601 format.
- Fixed bug where access expired notifications could be erroneously cleared.
- Added a Create Access Request REST API. Supports requesting access on behalf of a user for multiple resources and groups.
- For ticket-based access propagation, use a different ticket title based on whether it's a propagation or revocation.
- Access review notes will now be correctly saved and retained between refreshes.
- API Changes: The
target_user_id field in the response for GET /requests is now optional.
- Self-hosted: Fix an issue where the Opal application couldn't auto update
- Fix issue when skip-manager is not found from current requesting user
- Fix regression where managers weren't able to request access on behalf of their reports in some cases.
- Fixes UI bug where request button would sometimes show for non-requestable users
- Customers can now control when users are notified that their access to resources and groups will be expiring via an organization setting.
- Handle escalation to skip manager gracefully, in the case of deprovisioned manager user.
- Improvement: Improves interactions between manual / auto AWS import settings
- Fixed bug where Okta group users would not get synced correctly in some cases.
Improvements:
- Improves UAR upload notification
Improvements:
- [Self-hosted] Allows the vault dependency to be disabled
- Adds email / slack notifications when bulk resource uploads complete
