This SDK uses semantic versioning and follows Okta's library version policy. In short, we do not make breaking changes unless the major version changes!
Version 3.0.0 of this SDK introduces a number of breaking changes from previous versions. In addition to many new classes/interfaces, some existing classes/interfaces are no longer backward compatible due to method renaming and signature changes.
Custom HOTP Factor is supported now. Define a separate Policy model for Authorization Servers. Define a separate Policy Rule model for Authorization Servers. SAML Multiple ACS URLs is supported now.
Below method has been added.
void deleteIdentityProviderKey(String keyId)
Below methods have undergone a signature change.
-
listGroups(String groupName, String filter)
signature changed tolistGroups(String groupName, String filter, String expand)
- New param
expand
has been added. It isoptional
and would need to be specified only while using search queries.
- New param
-
listPolicies(String type)
return type changed fromcom.okta.sdk.resource.policy.PolicyList
tocom.okta.sdk.resource.authorization.server.AuthorizationServerPolicyList
The method ClientBuilder setPrivateKey(String privateKey)
has been overloaded.
- The method
ClientBuilder setPrivateKey(String privateKey)
could be used to set a path to private key PEM file. - Also, the method
ClientBuilder setPrivateKey(String privateKey)
could be used to set full PEM payload. - The method
ClientBuilder setPrivateKey(Path privateKeyPath)
allows setting a path to private key PEM file. - The method
ClientBuilder setPrivateKey(InputStream privateKeyStream)
allows setting an InputStream with private key PEM file content. - The method
ClientBuilder setPrivateKey(PrivateKey privateKey)
allows setting the privateKey instance.
This is a newly created interface with methods listed below.
Integer getIndex()
AcsEndpoint setIndex(Integer index)
String getUrl()
AcsEndpoint setUrl(String url)
- Added
ApplicationGroupAssignment createApplicationGroupAssignment(String groupId)
method.- This method allows assigning a group to an Application.
Below methods have been added.
OpenIdConnectApplicationSettingsRefreshToken getRefreshToken()
OpenIdConnectApplicationSettingsRefreshToken setRefreshToken(OpenIdConnectApplicationSettingsRefreshToken refreshToken)
OpenIdConnectApplicationSettingsClientKeys getJwks()
OpenIdConnectApplicationSettingsClient setJwks(OpenIdConnectApplicationSettingsClientKeys jwks)
This is a newly created interface with methods listed below.
JsonWebKeyList getKeys()
OpenIdConnectApplicationSettingsClientKeys setKeys(JsonWebKeyList keys)
This is a newly created interface with methods listed below.
Integer getLeeway()
OpenIdConnectRefreshTokenRotationType getRotationType()
OpenIdConnectApplicationSettingsRefreshToken setLeeway(Integer leeway)
OpenIdConnectApplicationSettingsRefreshToken setRotationType(OpenIdConnectRefreshTokenRotationType rotationType)
With the introduction of enum type OpenIdConnectRefreshTokenRotationType
,
operations getRotationType()
and setRotationType(OpenIdConnectRefreshTokenRotationType rotationType)
will use this new enum type.
Enum OpenIdConnectRefreshTokenRotationType
has the below fields defined:
ROTATE("rotate")
STATIC("static")
Below methods have been added.
List getAcsEndpoints()
Boolean getAllowMultipleAcsEndpoints()
SamlApplicationSettingsSignOn setAcsEndpoints(List<AcsEndpoint> acsEndpoints)
SamlApplicationSettingsSignOn setAllowMultipleAcsEndpoints(Boolean allowMultipleAcsEndpoints)
This is a newly created interface with methods listed below.
SamlApplicationSettings getSettings()
SamlApplicationV1 setSettings(SamlApplicationSettings settings)
Below methods have been added.
String getFilterType()
String getFilterValue()
SamlAttributeStatement setFilterType(String filterType)
SamlAttributeStatement setFilterValue(String filterValue)
Below methods have undergone a signature change.
createPolicy(com.okta.sdk.resource.policy.Policy policy)
signature changed tocreatePolicy(com.okta.sdk.resource.authorization.server.AuthorizationServerPolicy policy)
, return value type changed fromcom.okta.sdk.resource.policy.Policy
tocom.okta.sdk.resource.authorization.server.AuthorizationServerPolicy
getPolicy(String policyId)
return type changed fromcom.okta.sdk.resource.policy.Policy
tocom.okta.sdk.resource.authorization.server.AuthorizationServerPolicy
listPolicies()
return type changed fromcom.okta.sdk.resource.policy.PolicyList
tocom.okta.sdk.resource.authorization.server.AuthorizationServerPolicyList
updatePolicy(String policyId, com.okta.sdk.resource.policy.Policy policy)
signature changed toupdatePolicy(String policyId, com.okta.sdk.resource.authorization.server.AuthorizationServerPolicy policy)
, return value type changed fromcom.okta.sdk.resource.policy.Policy
tocom.okta.sdk.resource.authorization.server.AuthorizationServerPolicy
This is a newly created interface with methods listed below.
AuthorizationServerPolicyRule createPolicyRule(String authServerId, AuthorizationServerPolicyRule policyRule)
void deletePolicy(String policyId)
PolicyRuleConditions getConditions()
Date getCreated()
String getDescription()
Map<String, Object> getEmbedded()
String getId()
Date getLastUpdated()
Map<String, Object> getLinks()
String getName()
AuthorizationServerPolicyRule getPolicyRule(String authServerId, String ruleId)
Integer getPriority()
StatusEnum getStatus()
Boolean getSystem()
PolicyType getType()
AuthorizationServerPolicyRuleList listPolicyRules(String authServerId)
AuthorizationServerPolicy setConditions(PolicyRuleConditions conditions)
AuthorizationServerPolicy setDescription(String description)
AuthorizationServerPolicy setName(String name)
AuthorizationServerPolicy setPriority(Integer priority)
AuthorizationServerPolicy setStatus(StatusEnum status)
AuthorizationServerPolicy setSystem(Boolean system)
AuthorizationServerPolicy setType(PolicyType type)
AuthorizationServerPolicy updatePolicy(String policyId, AuthorizationServerPolicy policy)
With the introduction of enum type AuthorizationServerPolicy$StatusEnum
,
operations getStatus()
and setStatus(StatusEnum status)
will use this new enum type.
Enum StatusEnum
has below fields defined:
ACTIVE("ACTIVE")
INACTIVE("INACTIVE")
This is a newly created interface with methods listed below.
void activate()
void deactivate()
deletePolicyRule(String authServerId)
AuthorizationServerPolicyRuleActions getActions()
AuthorizationServerPolicyRuleConditions getConditions()
Date getCreated()
String getId()
Date getLastUpdated()
String getName()
Integer getPriority()
StatusEnum getStatus()
Boolean getSystem()
TypeEnum getType()
AuthorizationServerPolicyRule setActions(AuthorizationServerPolicyRuleActions actions)
AuthorizationServerPolicyRule setConditions(AuthorizationServerPolicyRuleConditions conditions)
AuthorizationServerPolicyRule setName(String name)
AuthorizationServerPolicyRule setPriority(Integer priority)
AuthorizationServerPolicyRule setStatus(StatusEnum status)
AuthorizationServerPolicyRule setSystem(Boolean system)
AuthorizationServerPolicyRule setType(TypeEnum type)
AuthorizationServerPolicyRule update(String authServerId)
With the introduction of enum type AuthorizationServerPolicyRule$StatusEnum
, operations getStatus()
and setStatus(StatusEnum status)
will use this new enum type.
Enum StatusEnum
has below fields defined:
ACTIVE("ACTIVE")
INACTIVE("INACTIVE")
This is a newly created interface with methods listed below.
TokenAuthorizationServerPolicyRuleAction getToken()
AuthorizationServerPolicyRuleActions setToken(TokenAuthorizationServerPolicyRuleAction token)
This is a newly created interface with methods listed below.
ClientPolicyCondition getClients()
GrantTypePolicyRuleCondition getGrantTypes()
PolicyPeopleCondition getPeople()
OAuth2ScopesMediationPolicyRuleCondition getScopes()
AuthorizationServerPolicyRuleConditions setClients(ClientPolicyCondition clients)
AuthorizationServerPolicyRuleConditions setGrantTypes(GrantTypePolicyRuleCondition grantTypes)
AuthorizationServerPolicyRuleConditions setPeople(PolicyPeopleCondition people)
AuthorizationServerPolicyRuleConditions setScopes(OAuth2ScopesMediationPolicyRuleCondition scopes)
This is a newly created interface with methods listed below.
Integer getAccessTokenLifetimeMinutes()
Integer getRefreshTokenLifetimeMinutes()
Integer getRefreshTokenWindowMinutes()
TokenAuthorizationServerPolicyRuleAction setAccessTokenLifetimeMinutes(Integer accessTokenLifetimeMinutes)
TokenAuthorizationServerPolicyRuleAction setRefreshTokenLifetimeMinutes(Integer refreshTokenLifetimeMinutes)
TokenAuthorizationServerPolicyRuleAction setRefreshTokenWindowMinutes(Integer refreshTokenWindowMinutes)
Below method has been removed.
deleteSigningKey(String keyId)
The Interface has been removed.
The Interface com.okta.sdk.resource.authorization.server.AuthorizationServerPolicyList
should be used instead.
This is a newly created interface with methods listed below.
String getFactorProfileId()
CustomHotpUserFactorProfile getProfile()
CustomHotpUserFactor setFactorProfileId(String factorProfileId)
CustomHotpUserFactor setProfile(CustomHotpUserFactorProfile profile)
This is a newly created interface with methods listed below.
String getSharedSecret()
CustomHotpUserFactorProfile setSharedSecret(String sharedSecret)
Below method has undergone a signature change.
getExpiresAt()
return type changed fromString
toDate
- The property's
expiresAt
type is a date-time string, so it becomes convenient to useDate
type
- The property's
Below methods have been renamed for the sake of clarity.
- Renamed
getWorkerFactor()
togetWorkFactor()
- Renamed
setWorkerFactor(Integer workFactor)
tosetWorkFactor(Integer workFactor)
Below methods have been added.
UserBuilder setType(UserType userType)
UserBuilder setType(String userTypeId)
UserBuilder usePasswordHookForImport()
UserBuilder usePasswordHookForImport(String type)
Version 2.0.0 of this SDK introduces a number of breaking changes from previous versions. In addition to many new classes/interfaces, some existing classes/interfaces are no longer backward compatible due to method renaming and signature changes.
This means that you will now have to start using the new *UserFactor
objects instead.
Below methods have been renamed for the sake of clarity.
- Renamed
createRule
tocreateGroupRule
- Renamed
getRule
togetGroupRule
- Renamed
listRules
tolistGroupRules
Below API has undergone a signature change.
listUsers(String q, String filter, String format, String search, String expand)
Signature changed tolistUsers(java.lang.String q, java.lang.String filter, java.lang.String search, java.lang.String sortBy, java.lang.String sortOrder)
Note that the params format
and expand
have been removed. New params sortBy
and sortOrder
have been added. These are optional and would need to be specified only while using search queries.
The API used to get log info has undergone a signature change (note the order swap of until
and since
parameters).
getLogs(String until, String since, String filter, String q, String sortOrder)
Signature changed togetLogs(Date since, Date until, String filter, String q, String sortOrder)
The API used to list the groups to which a user belongs, has undergone a signature change.
There is no need for supplying the expand
parameter anymore.
-
listGroups(String q, String filter, String expand)
Signature changed tolistGroups(String q, String filter)
- With this removal of
expand
parameter, the caller has two options of achieving the previous result: - Make a second API call to the Group API and fetch the results.
- You can call the Groups API endpoint (or any Okta management API endpoint) using a syntax like below example:
// List Groups API, see: https://developer.okta.com/docs/reference/api/groups/#list-groups GroupsList result = client.http() .addQueryParameter("expand", true) .get("/api/v1/groups", GroupsList.class);
- With this removal of
-
Note that the support for
expand
parameter might go away anytime in the future.
Below APIs have undergone a name change.
getTargetUrl
Renamed togetTargetURL
setTargetUrl
Renamed tosetTargetURL
With the introduction of enum type com.okta.sdk.resource.group.GroupType
, the get group type operation will now make
use of this new enum type instead of the String
type used earlier.
getType
Return type changed fromString
to an enumcom.okta.sdk.resource.group.GroupType
The properties allGroupsValid
& _embedded
were not used by the backend earlier and were always set to null
.
As part of this upgrade, we will remove it from the method signatures.
- Removed
getAllGroupsValid
andsetAllGroupsValid
(propertyallGroupsValid
is being removed; this option would be removed from future versions of Okta API) - Removed
getEmbedded
(property_embedded
is removed; this property is undocumented in Okta API and hence being removed) delete(Boolean removeUsers)
Signature changed todelete()
The API to get log credential provider used to return a list of objects of type LogCredentialProvider
earlier.
This is now fixed to return a single object of type LogCredentialProvider
.
getCredentialProvider
Return type changed fromList<com.okta.sdk.resource.log.LogCredentialProvider>
tocom.okta.sdk.resource.log.LogCredentialProvider
The API to get log credential type used to return a list of objects of type LogCredentialType
earlier.
This is now fixed to return a single object of type LogCredentialType
.
getCredentialType
Return type changed fromList<com.okta.sdk.resource.log.LogCredentialType>
tocom.okta.sdk.resource.log.LogCredentialType
There is no need of exposing setter for the read-only
property id
.
- Removed
setId
(propertyid
isread-only
)
The property tokenLifetimeSeconds
will not used by the backend going forward.
- Removed
getTokenLifetimeSeconds
&setTokenLifetimeSeconds
(propertytokenLifetimeSeconds
is removed)
With the introduction of enum type com.okta.sdk.resource.role.RoleType
, the getter/setter for role type operation will now make
use of this new enum type instead of the String
type used earlier.
getType
Return type changed fromString
to an enumcom.okta.sdk.resource.role.RoleType
setType
Param type changed fromString
to an enumcom.okta.sdk.resource.role.RoleType
The below method names have been refactored to be more apt:
- Renamed
addGroupTarget
toaddGroupTargetToRole
- Renamed
addRole
toassignRole
- Renamed
listGroupTargetsForRole
tolistGroupTargets
- Renamed
removeGroupTargetFromRole
toremoveGroupTarget
- Renamed
addFactor
toenrollFactor
- Renamed
listRoles
tolistAssignedRoles
The forgotPassword
method has been removed. Use resetPassword
instead to achieve the same functionality.
The endAllSessions
method has been removed. Use clearSessions
instead to achieve the same functionality.
Following methods have undergone a return type change inline with the refactoring of UserFactor*
objects as mentioned above.
listSupportedFactors
Return type changed fromcom.okta.sdk.resource.user.factor.FactorList
tocom.okta.sdk.resource.user.factor.UserFactorList
getFactor
Return type changed fromcom.okta.sdk.resource.user.factor.Factor
tocom.okta.sdk.resource.user.factor.UserFactor
listFactors
Return type changed fromcom.okta.sdk.resource.user.factor.FactorList
tocom.okta.sdk.resource.user.factor.UserFactorList
The expirePassword
Return type changed from com.okta.sdk.resource.user.TempPassword
to com.okta.sdk.resource.user.User
The reset password method will no longer need a provider argument.
resetPassword(String provider, Boolean sendEmail)
Signature changed toresetPassword(Boolean sendEmail)
The property emails
was not used by the backend and was always null
hitherto.
- Removed
getEmails
&setEmails
(propertyemails
was removed)
Below SDK classes/interfaces are deprecated and will be removed from this project.
These SDK classes were previously moved to okta-commons-java).
- com.okta.sdk.authc.credentials.ClientCredentialsProvider
- com.okta.sdk.client.Proxy
- com.okta.sdk.http.HttpMethod
- com.okta.sdk.http.HttpRequest
- com.okta.sdk.http.HttpRequestBuilder
- com.okta.sdk.http.HttpRequests
- com.okta.sdk.http.UserAgentProvider
- com.okta.sdk.lang.Assert
- com.okta.sdk.lang.Classes
- com.okta.sdk.lang.Collections
- com.okta.sdk.lang.Duration
- com.okta.sdk.lang.InstantiationException
- com.okta.sdk.lang.Instants
- com.okta.sdk.lang.Locales
- com.okta.sdk.lang.Objects
- com.okta.sdk.lang.Strings
- com.okta.sdk.lang.UnknownClassException