Back to monitors
Informational AI classification

Version bump 2026.06.2 → 2026.06.3, SKU metadata cleared

The API version was incremented from 2026.06.2 to 2026.06.3, and the SKUs field in the x-okta-lifecycle metadata was changed from listing ["API Access Management"] to an empty array [] across all authorization server endpoints. This is a metadata change with no impact on endpoint behavior, request/response schemas, or authentication requirements.

Alert history

  • Informational

    Version bump 2026.06.2 → 2026.06.3, SKU metadata cleared

    The API version was incremented from 2026.06.2 to 2026.06.3, and the SKUs field in the x-okta-lifecycle metadata was changed from listing ["API Access Management"] to an empty array [] across all authorization server endpoints. This is a metadata change with no impact on endpoint behavior, request/response schemas, or authentication requirements.

  • Informational

    DevicePostureCheck endpoints lifecycle status updated to LIMITED_GA

    Three DevicePostureCheck endpoints (GET and DELETE on device posture checks collection and detail resource) have been reclassified from general availability (GA) to limited general availability (LIMITED_GA), and now require the Okta Identity Engine SKU. This is a product availability change that may affect feature access planning, though it does not alter the functional API contract.

  • Informational

    DevicePostureCheck endpoints moved from EA to GA

    Three DevicePostureCheck endpoints (GET /api/v1/device-posture-checks, GET /api/v1/device-posture-checks/{id}, and DELETE /api/v1/device-posture-checks/{id}) transitioned from Early Access (EA) to General Availability (GA). The x-okta-lifecycle metadata changed from lifecycle: EA with isGenerallyAvailable: false to lifecycle: GA with isGenerallyAvailable: true, and the SKUs field was removed. This is a status update indicating feature maturation but does not change the functional API contract.

  • Informational

    Update lifecycle status for bot protection and telephony provider APIs

    The specification updates lifecycle statuses for three feature groups: Bot Protection endpoints transition from EA to LIMITED_GA; Custom Telephony Provider endpoints transition from EA to GA; and SCIM submission examples along with related schemas transition from isGenerallyAvailable: false to isGenerallyAvailable: true. These are documentation-only changes indicating maturity progression of existing APIs with no impact on API functionality or contracts.

  • Breaking

    Okta Management API 2026.05.1: schema changes, scope removals, new tag

    This version bump (2026.03.0 → 2026.05.1) includes several potentially breaking changes alongside additive ones:

    • WorkflowsValidationError schema breaking change: The result property (a $ref to WorkflowsValidationErrorType enum) is removed and replaced with new required string fields code, flowName, message, and link. The WorkflowsValidationErrorType enum schema is also removed entirely. Any code deserializing this response shape will break.
    • OAuth scopes removed: okta.authenticators.manage.self, okta.manifests.manage, okta.manifests.read, okta.operations.read, okta.privilegedResources.manage, okta.privilegedResources.read, okta.riskEvents.manage, okta.riskProviders.manage, okta.riskProviders.read, okta.users.manage.self, and okta.users.read.self are no longer listed in the security scheme scopes — clients requesting these scopes may receive errors.
    • New OktaManagedUserAccount tag added (new API surface for managing Okta users via Okta Privileged Access) — purely additive.
    • Documentation updates: Policy type SIGN_ON renamed to OKTA_SIGN_ON in docs; new SESSION_VIOLATION_DETECTION and IDENTITY_CLAIM_SOURCING policy types documented; WebAuthn rebrand to Passkey (FIDO2 WebAuthn) finalized with no parameter name changes.