v3.12.0

ENHANCEMENTS:

• Add new okta_app_group_assignments resource #401. Thanks, @edulop91!
• Add new okta_user_group_memberships resource #416. Thanks, @ymylei!
• Add logo and logo_url fields to all the okta_app_* related resources #423 and #514. Thanks, @bogdanprodan-okta and @gavinbunney for the fix!
• Add new okta_group_memberships resource #427. Thanks, @ymylei!
• Add display_name field to the okta_auth_server_scope resource #433. Thanks, @bogdanprodan-okta!
• Add new okta_app_shared_credentials resource #446. Thanks, @bogdanprodan-okta!
• Add groups_claim field to the okta_app_oauth resource #468. Thanks, @bogdanprodan-okta!
• Add wildcard_redirect field to the okta_app_oauth resource #474. Thanks, @bogdanprodan-okta!
• Add new okta_app_group_assignments data source #498. Thanks, @ymylei!
• Add new okta_app_user_assignments data source #501. Thanks, @ymylei!
• Add new okta_user_admin_roles resource #518. Thanks, @gavinbunney!
• Add new okta_factor_totp resource #519. Thanks, @bogdanprodan-okta!
• Add dynamic_proxy_type field to the okta_network_zone resource #522. @gavinbunney!
• Add issuer_mode field to the okta_auth_server_default resource #524. @gavinbunney!
• Add risc_level, behaviors and factor_sequence fields to the okta_policy_rule_signon resource #526. Thanks, @bogdanprodan-okta!
• Add new okta_behavior data source #526. Thanks, @bogdanprodan-okta!
• Add new okta_domain resource #530. Thanks, @bogdanprodan-okta!

BUGS:

• Suppress 404 in case group role was removed outside of the terraform #417. Thanks, @ymylei!
• Don't recreate okta_user resource in case login field is changed #435. Thanks, @ymylei!
• Fixed attribute statements setup for preconfigured apps #439. Thanks, @bogdanprodan-okta!
• Don't recreate schema related resources in case array_enum, array_one_of, enum or one_of have changed @531. Thanks, @bogdanprodan-okta!

Special thanks to @JeffAshton, @jeffg-hpe, @jtdoepke, @thatguysimon, @ymylei, @joshowen, @AlexanderProschek, @gavinbunney for a lot of various documentation fixes and code improvements!!!

v3.11.1

ENHANCEMENTS:

• Add new okta_app_oauth_api_scope resource #356. Thanks, @mariussturm!
• Remove ForceNew in case policy name changes to avoid policy resources recreation #362. Thanks, @me!
• Add hotp factor to the okta_policy_mfa resource #363. Thanks, @me!
• Remove unnecessary validations from the okta_app_oauth resource #372. Thanks, @me!
• Add links field to okta_app, okta_app_saml and okta_app_oauth data sources #374. Thanks, @me!
• Add new okta_auth_server_default resource #375. Thanks, @me!
• Add new okta_policy_mfa_default and okta_policy_password_default resources #378. Thanks, @me!
• Add remove_assigned_users field to the okta_group_rule resource #388. Thanks, @me!
• Add new auth_server_claim_default resource #392. Thanks, @me!
• Add groups and users fields to the okta_app, okta_app_oauth and okta_app_saml data sources #395. Thanks, @me!
• Add id field to the okta_group data source #395. Thanks, @me!
• Add new auth_server_claim_default resource #392. Thanks, @me!
• Add new okta_groups data source #103. Thanks, @bendrucker and @me!
• Several minor bug fixes and enhancements.

BUGS:

• Add group existence check to okta_group_membership resource #380. Thanks, @ymylei!
• Fix group assignment priority in the okta_app_group_assignment resource #381. Thanks, @me!
• Fixed status change in the okta_auth_server_policy_rule resource . Thanks, @me!
• Add operation retry to the okta_group_role resource #390. Thanks, @me!

v3.10.1

ENHANCEMENTS:

• Add retain_assignment field to okta_app_user and okta_app_group_assignment resource #330. Thanks, @Omicron7!
• Add target_app_list field to the okta_group_role resource #349. Thanks, @me!
• Add support for OVERRIDE value in master field and new master_override_priority field to the okta_user_schema resource #351. Thanks, @me!

BUGS:

• Added wait to okta_group_membership resource #335. Thanks, @ymylei!
• Fix set of subject_match_attribute value for okta_idp_oidc resource #344. Thanks, @me!
• Fix resource validation #348. Thanks, @me!
• Fix setup of empty login_scopes for okta_app_oauth resource #352. Thanks, @me!
• Fix okta_group_role when removing all the items from target_group_list #341. Thanks, @me!

v3.10.0

ENHANCEMENTS:

• Add new okta_auth_server_scopes datasource #336. Thanks, @me!
• Add new okta_idp_social datasource #337. Thanks, @me!
• Several minor bug fixes and enhancements.

BUGS:

• Fix preconfigured okta_app_swa creation in case it has more that one sign-on modes #328. Thanks, @me!
• Add force recreate in case okta_app_user_schema changes the scope value since it's a read-only attribute #331. Thanks, @me!
• Fix false positive output when runnning terraform planfor the okta_profile_mapping resource in case delete_when_absent is set to false #332. Thanks, @me!
• Fix okta_app_oauth validation #333 and #340. Thanks, @me!

v3.9.0

ENHANCEMENTS:

• Add new okta_admin_role_targets resource #325. Thanks, @me!
• Add target_group_list field to the okta_group_role resource #256. Thanks, @ymylei!

BUGS:

• Fixed subject_match_attribute setup in the okta_idp_saml resource #320. Thanks, @me!
• Fixed users setup when importing okta_group resource #323. Thanks, @me!

v3.8.0

ENHANCEMENTS:

• Add support for OAuth Authorization for Okta API #290. Thanks, @me!
• Make key_id optional for okta_app_saml_metadata #128. Thanks, @cludden!
• Add new okta_group_membership resource #252. Thanks, @ymylei!
• Add new okta_group_role resource #255. Thanks, @ymylei!
• Add new okta_idp_oidc data source #286. Thanks, @me!
• Add new okta_app_oauth data source #293. Thanks, @me!
• Add new okta_auth_server_policy data source #298. Thanks, @me!
• Add usage field to the okta_network_zone resource #271. Thanks, @me!
• Add okta_email factor to the okta_policy_mfa resource #269. Thanks, @me!
• Add id field to the okta_users data source #288. Thanks, @me!
• Add union field to the app_user_schema resource #291. Thanks, @me!
• Add implicit_assignment field to the okta_app_oauth resource 120. Thanks, Justin Lewis!
• Add issuer and issuer_mode fields to the okta_auth_server data resource #301. Thanks, @me!
• Add login_mode and login_scopes to the okta_app_oauth resource #311. Thanks, @me!
• Add single_logout_issuer, single_logout_url and single_logout_certificate fields to the okta_app_saml resource #307. Thanks, @me!
• Add metadata_url field to the okta_app_saml resource #316. Thanks, @me!
• Remove acs_binding and acs_type from okta_idp_oidc as (they are not supported)[(https://developer.okta.com/docs/reference/api/idps/#oauth-2-0-and-openid-connect-endpoints-object)] by this resource #286. Thanks, @me!
• Deprecate acs_binding argument for okta_idp_saml resource, as it can only be set to HTTP-POST #286. Thanks, @me!
• Add a retry on 404 error in case Okta lagging during resource creation. Thanks, @me!
• Add validation for all URL-type fields.
• Various code improvements and documentation updates. Thanks, @me!

BUGS:

• Ignore special groups (BUILT_IN and APP_GROUP) in the group_memberships field #118. Thanks, @rasta-rocket!
• Fix inline_hooks delete operation if the hooks were removed outside the provider #288. Thanks, @me!
• Fix group_memberships populating in the okta_user data source #284. Thanks, @me!
• Fix terraform import for the app_user_schema resource #291. Thanks, @me!
• Fix delete operation for auth_server_claim resource in case claim has type SYSTEM #283. Thanks, @me!
• Remove redundant description field from the okta_app_saml resource #278. Thanks, @me!
• Add suppress function for the features field in the okta_app_saml resource since it's not currently possible to create/update provisioning features via the API 296. Thanks, @me!
• Remove OAUTH_AUTHORIZATION_POLICY from okta_default_policy and okta_policy since it's not supported by Okta API #298. Use okta_auth_server_policy instead. Thanks, @me!
• Fix status change in the okta_auth_server_policy resource #299. Thanks, @me!
• Fix user_name_template_* fields setup for the apps resource #309. Thanks, @me!
• Fix refresh_token_window_minutes minimum value in the okta_auth_server_policy_rule resource #314. Thanks, @me!
• Fix attribute_statements field validation in the okta_app_saml resource #313. Thanks, @me!

v3.7.4

ENHANCEMENTS:

• Add dependabot to automate dependency updates #259. Thanks @jlosito!
• Add max_clock_skew property to IdP SAML resource #263. Thanks @me!

BUGS:

• Fix panic caused by a null pointer in okta_policy_password resource. #262. Thanks @me!
• Add retries for creating/updating okta_user_schema resource. #262. Thanks @me!

v3.7.3

ENHANCEMENTS:

• Add call recovery for Okta password policy #248. Thanks @me!
• Update docs for okta_group datasource #251. Thanks @ymylei!
• Adds pattern property for okta_*_schema resources #159. Thanks @fitzoh and @me!
• Add retries on connection timeouts errors #246. Thanks @me!

BUGS:

• Fixed rule handling with INVALID status #250. Thanks @ymylei!

v3.7.2

ENHANCEMENTS:

• Add logs to the group data source for different cases #150. Thanks @nathanbartlett!
• Added missing documentation #245. Thanks @me!

BUGS:

• Fix default name for idp_discovery #244. Thanks @nickerzb!
• Fix okta auth server policy rule resource causing panic #245. Thanks @SBerda for submitting the issue and @me for fixing it!
• Fix key_years_valid defaulting to 2 during resource import #245. Thanks @btsteve for submitting the issue and @me for fixing it!

v3.7.1

ENHANCEMENTS:

• Add validation for user type #242.

BUGS:

• Fix state refresh for okta_user_base_schema and okta_user_schema #242.