4.8.0

Added platform category Vault for connectors.

Updated the Google Apps connector (agtgapps) to add support for clearing app-specific passwords, backup verification codes, third-party tokens, and to disable two-step verification as part of the reset, disable, delete and update operations.

Added functionality to the Bravura Safe user management (agtbsafe-user) (2025+) connector for:

Added functionality to the Bravura Safe (agtbsafe) (2025+) connector for:

Fixed an issue with the loadcvagents utility that would previously prevent Customer-Verified connectors that were in the Bravura Security Fabric instance from being upgraded.

Updated Active Directory (agtaddn) computer attribute listing to exclude msDS-RevealedUsers and msDS-AuthenticatedToAccountList, as these lengthy multi-valued attributes exceed the discovery queue size limit.

Fixed an issue in Bravura Safe 2025 connectors (agtbsafe25, agtbsafe25-user) during listing when multiple organizations are present. Improved error logging in the connectors and prevented them from accidentally logging the administrator password.

Resolved an issue with the SAP Server (Netweaver 7.5+) connector (agtsapnw) when listing users filtered with a selection range to add more than one selection criterion.  This was previously causing an issue where only one selection range could be listed.

Updated the unixssh.py script for the Python connectors to allow for a dot/period as an allowed character for user/account IDs.

Fixed an issue with the DUO Authentication (agtduo) connector for challenge response authentication when a user does not have any DUO authentication methods configured.

Modified the Okta connector (agtokta) to only show one challenge response option for the Okta Verify method for the OTP codes. This also allows the OTP code from other registered Okta Verify challenge response factors to work with the single challenge response option. For example, it enables the interchangeability of OTP codes between Okta Verify and Google Authentication Okta authentication methods.

This resolves an issue where, previously, when multiple Okta authentication methods are presented for the same option, it was not possible to distinguish which mobile device the OTP code was expected to be from.

Fixed an issue with the Okta connector (agtokta) to ensure that when methods from the "Authentication methods order" target address configuration are not configured that the matching Okta methods are not shown for the user on authentication for Okta challenge response.

Adds additional error handling to Python Dayforce connector (agtdayforce) to handle more errors on connect and add more retriable error cases when listing

Sanitized log messages from Oracle platforms when failing to reset a password due to it containing a comment.

Fixed an issue with the SAP Hana Database connector (agthana) when encryption is used for the target address configuration.

Review any existing Google apps targets to determine if app-specific passwords, backup verification codes, third-party tokens should be deleted and if two-step verification should be disabled during disable and delete operations.  The agent will now default to "yes". If this behavior is unwanted, uncheck the boxes for the following address line attributes on agtgapps targets: