Changelog

Version 1.978.0

by Giulio
  • Added hovercards to user links on request details page
  • Updated styling to initial import view
  • Fixed an issue where Okta Rules couldn't be imported through the App Import flow.
  • Fixed an issue where tags couldn't be completely removed from a resource.
  • Fixed a sporadic error that would happen when attempting to import some groups or resources for an App.
  • Fixed a bug related to risk center suggestions on Okta groups rules.

API

  • Added a new API endpoint for approving access requests, allowing programmatic approval of pending requests.

Breaking change

  • API endpoints now strictly require bearer token authentication. Session cookies are no longer accepted for API requests, and all API calls must include a valid Authorization header with a Bearer token.

Version 1.977.0

by Evan
  • Added connection names to inventory resource breadcrumbs in the Apps UI, making it easier to identify which connection a resource belongs to.
  • Added link for group user counts.
  • Updated user attribute modal styling to work with dark mode.
  • Fixed an issue with error handling when pulling GCP events for missing projects.

Version 1.976.0

by Evan
  • Disabled the sync button when a sync is currently in progress
  • Fixed settings action going to a new line on smaller screens
  • Added hovercards to requested resources and groups, and inventory source group columns
  • Added a new API endpoint to retrieve information about a specific user's access to a resource, making it easier to programmatically check access details.
  • Disable user team column values when user is an end user
  • Fixed self-hosted and atlassian-hosted options being swapped when connecting to a JIRA integration
  • Fixed filtering by date on bundle events

Version 1.975.0

by Evan
  • Added back "Never Expire" option when bulk updating user access in groups and resources
  • Fixed hovercard subtitles overflowing
  • Improved initial page load performance
  • Fixed a bug in the risk center where counts of unused grants were incorrect.
  • Fixed an issue where untagged resources were not available for manual import under apps with the "Auto-import tagged" import setting.
  • Fixed bug where connect session links weren't working.

Version 1.973.3

by Evan
  • Fixed a rare issue where propagating access expiration would fail if a user had direct and group-sourced access to a GitLab or GitHub repository.

Version 1.973.1

by Evan
  • Fixed resource users not being revoked from resources when their access is expired. Other relationships (group users, group resources, nested groups) were not affected.

Version 1.974.0

by Evan
  • Updated date range dropdown styling
  • Fixed bulk editing styles when in dark mode
  • Fixed a pagination bug on the UAR group review tab.
  • Added validation for Content-Type headers on POST and PUT requests, ensuring they are set to "application/json" to prevent invalid request formats.
  • Added skip-manager's name and image to escalate modal
  • Fixed sync status modal not using full width of table
  • Fixed a race condition issue in sync that would cause it to fail entirely.
  • Support access levels in bundle groups REST API (https://docs.opal.dev/reference/getbundlegroups)
  • Added links for user team and title cells

Version 1.973.0

by Evan
  • Redesigned KBar search interface (command+k / control+k)
  • Updated styles for Add Event Streaming Connection modal
  • Fixed issue where external id was not copyable in the AWS SSO create screen
  • Minor updates to UAR decision selection
  • Fixed scalability of request details view when there are long answers or many custom fields.
  • Bundles API Delete endpoints will not 404 when attempting to delete an already deleted resource
  • Fixed a pagination bug on the risk center.
  • Fixed bug with 'Duplicate Request' button and custom fields.

Version 1.972.0

by Alex
  • Fixed an issue where access review notes weren't being properly saved in certain scenarios.
  • Updated styles for create / edit modals for UAR for better dark mode compatibility
  • New filter design in Risk Center for improved accessibility and visual clarity

Version 1.971.0

by Florie
  • Deprecated USERS_ADDED_TO_RESOURCES, RESOURCE_USERS_UPDATED, and USERS_REMOVED_FROM_RESOURCES events and migrated them to ROLE_ASSIGNMENT_CREATED, ROLE_ASSIGNMENTS_UPDATED, and ROLE_ASSIGNMENTS_DELETED, respectively
  • Added the ability to use Access Rules directly in Access Requests and Visibility Configuration
  • UARs can now be used to review Groups & Resources that Access Rules contain
  • Fixed bug in Snowflake where sync errors occur when there are child roles created with double-quotes
  • Updated direct access only checkbox in resource users
  • Added IDP Status of a user to resources users table