Bug fixes

• Fixed creating Okta Groups and Google Groups from Opal

Bug Fixes

• Fixed Select all button not being clickable

• Fixed access review name filters not working

Added

• Added feature to quickly re-request access to resources in Slack
• Added feature to extend access to requests in the Opal UI and Slack, configurable when editing resources
• Added the ability to star resources as Favorites in the Catalog

Added

• Added visibility toggle to AWS credentials on Connect page

Improved

• Added support for user deprovisioning through IdP integration - if user deprovisioning is enabled in your organization, deprovisioning a user in your IdP(s) will automatically deprovision them from any apps where you have configured deprovisioning

Bug Fixes

• Fixed date picker in UAR flow that was causing incorrect dates to be used
• Fixed modal behavior to properly close when navigating forward/backward in browser
• Fixed issue that was breaking the sign-in flow when accessing deep links into Opal

Changed

• Disallow read-only admins from hiding/unhiding grants from Risk Center

Added

• Added a new API endpoint to create or update individual IDP group mappings, allowing for more granular control when managing group mappings

Improved

• Improved the access review preview interface with better handling of items that have no reviews, making it easier to identify which connections, groups, and resources will generate review items
• Reworked bulk update and bulk import logic to offload large tasks to be asynchronous, large item updates will be processed in the background and will notify admins in case of success or failure
• Masked AWS Credential values on the resource Connect screen
• If user deprovisioning is enabled for your organization, a user's assignment to an app can be reviewed in UARs only if deprovisioning has been explicitly enabled for the app. Deprovisioning can be enabled for: Okta, Salesforce, PagerDuty, Duo, Google Workspace. If this feature is not enabled on your organization, existing behaviour is unaffected.
• Enhanced access review capabilities for custom connectors when user deprovisioning is enabled
• Cleaned up interaction with adding/removing reviewers in request configuration

Bug Fixes

• Fixed a bug where propagation events would not be created for user provisioning
• Fixed a bug where the resource/group configuration form could error out when setting or unlinking a template

Added

• Added links to configuration template label on detail cards
• Added back option to set recommended duration as Permanent in request configurations
• Added copy name as link to catalog cards

Bug Fixes

• Fixed bug where Jira tickets don't have their reporter set if your Jira Data Center instance uses non-email usernames (requires Jira Data Center version 8.14 or later)
• Fixed REST API logging error for status codes

Bug Fixes

• Fixed Approve OpenAPI endpoint which would error in some cases

• Fixed issue where Escalate to skip-manager modal was showing the viewer's skip manager instead of the target user's skip manager

• Fixed API bug where importing a child resource would fail if the parent resource was unmanaged

Improved

• Updated styling for access review overview

Improved

• Updated Slack message preview for Soon To Expire Access messages to display the asset and time until expiration

• Updated group more actions button design and functionality

• Updated duration events to display as durations properly instead of timestamps

• Updated toast notifications to automatically disappear after 4 seconds by default

• Updated design for catalog cards with improved visual styling

Added

• Added ENTITY_TAG_ADDED events when tags are attached to a group/resource/user
• Added ENTITY_TAG_REMOVED events when tags are removed from a group/resource/user

Improved

• Improved performance of visibility group selector
• Improved user resource and groups tables' performance with unmanaged resources on web
• Improved user resources API endpoint performance with unmanaged resources and proper pagination
• Improved Jira ticket creation to handle suspended or inactive reporters gracefully
• Ticket creation is no longer cancelled if Jira Service Management projects are missing the opal-specific request type "Access Change - Opal"

Bug Fixes

• Fixed break glass users dropdown displaying when not in edit mode
• Fixed Dashboard page date range selector
• Fixed incorrect display of human users in Databricks groups' "Non-Human Access" tab

Bug Fixes

• Fixed bulk selecting functionality on resource groups when multiple roles are assigned

• Fixed audit tickets not updating their status properly

• Fixed ticket creation failures in Jira Service Management projects when required fields were missing

Improved

• Updated manual sync toast notifications to automatically close after success or failure states