[Marketplace Contribution] Okta - Content Pack Update (demisto#29650)

* [Marketplace Contribution] Okta - Content Pack Update (demisto#29303)

* "contribution update to pack "Okta""

* minor fixes

* add outputs and readme

* add outputs description

* update docker

* change outputs

---------

Co-authored-by: ostolero <[email protected]>
Co-authored-by: ostolero <[email protected]>

* Fixing AWS Project Number in ASM Cloud (demisto#29593) (demisto#29642)

Co-authored-by: Chait A <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: Michael Yochpaz <[email protected]>

* [MS Teams] support reset_graph_auth (demisto#29644)

* fixed

* pre-commit

* update

* Recordedfuture threathunting v2.5.0 (demisto#29641)

* Recordedfuture threathunting v2.5.0 (demisto#29025)

* Add commands related to Automated Threat hunting
recordedfuture-threat-map
recordedfuture-threat-links
recordedfuture-detection-rules

* Add recordedfuture-collective-insight command. Change app version.

* Update README.md. Add release notes

* Add playbook. Add unittests

* Add unittests

* Fix test_collective_insight_command

* Remove incorrect release note

* Add documentation for threat actor search playbook

* update Recorded Future Threat actor search playbook. add release note about new playbook.

* Update release notes, fix formatting

* Format yml files

* Update Recorded future threat actor search playbook

* Update docker image

* Fix linter

---------

Co-authored-by: Michael Yochpaz <[email protected]>

* Minor README fixes

---------

Co-authored-by: Yaroslav Nestor <[email protected]>
Co-authored-by: Michael Yochpaz <[email protected]>

* [ASM] Expander 5777 (demisto#29647)

* [ASM] Expander 5777 (demisto#29619)

* first

* RN

* Bump pack from version CortexAttackSurfaceManagement to 1.6.36.

---------

Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* XDR Malware Enrichment - hotfix for usernames (split) (demisto#29585)

* Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment

* Added RN

* remove irrelevant test

* Updated RN

* Bump pack from version CortexXDR to 5.1.6.

* Update Packs/CortexXDR/ReleaseNotes/5_1_6.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Docker Image To demisto/pyjwt3  (demisto#29656)

* Updated Metadata Of Pack Silverfort

* Added release notes to pack Silverfort

* Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update

* Update Docker Image To demisto/trustar  (demisto#29660)

* Updated Metadata Of Pack TruSTAR

* Added release notes to pack TruSTAR

* Update Docker Image To demisto/keeper-ksm  (demisto#29661)

* Updated Metadata Of Pack KeeperSecretsManager

* Added release notes to pack KeeperSecretsManager

* Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update

* Update Docker Image To demisto/py3-tools  (demisto#29654)

* Updated Metadata Of Pack Intezer

* Added release notes to pack Intezer

* Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update

* Updated Metadata Of Pack FeedMalwareBazaar

* Added release notes to pack FeedMalwareBazaar

* Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update

* Updated Metadata Of Pack FeedGCPWhitelist

* Added release notes to pack FeedGCPWhitelist

* Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update

* Updated Metadata Of Pack AccentureCTI_Feed

* Added release notes to pack AccentureCTI_Feed

* Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update

* Fix DS108

---------

Co-authored-by: sberman <[email protected]>

* Update Docker Image To demisto/taxii-server  (demisto#29659)

* Updated Metadata Of Pack CybleThreatIntel

* Added release notes to pack CybleThreatIntel

* Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update

* Fix DS108

---------

Co-authored-by: sberman <[email protected]>

* Update Docker Image To demisto/datadog-api-client  (demisto#29662)

* Updated Metadata Of Pack DatadogCloudSIEM

* Added release notes to pack DatadogCloudSIEM

* Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update

* Fix DS108

---------

Co-authored-by: sberman <[email protected]>

* Add reliability parameter to cves and pipl integration (demisto#28703)

* commiting PrismaCloudCompute

* release notes added

* changed couldcompute, CVESearchV2, pipl

* added pack metadata

* fixed pipl readme

* reverting changes in CVESearch since it was deprecated

* removed redundant

* committing pre commit changes

* added known words

* added known words

* fixed lint error

* changed according to review

* updated docker version in PrismaCloudCompute

* changed according to doc review

* Added condition for not receiving new incidents in the test playbook

* updating release notes

* reverting fetch changes

* fixed playbook

* formatted playbook

* new validation, new run

* new validation, new run

* Bump pack from version PrismaCloudCompute to 1.4.10.

* update the docker image

---------

Co-authored-by: Content Bot <[email protected]>

* Proofpoint email security pack: update description (demisto#29651)

* update description

* Updated the schema file.

* Updated the schema file.

---------

Co-authored-by: Yehonatan Asta <[email protected]>

* Jira v2 deprecated (demisto#29649)

* Deprecate to jira v2

* update RN

* update conf.json file

* add task to the Create Jira Issue playbook that check if jira v3 is enable

* add image.png of the playbook

* update the playbook (yml, readme, image) and RN

* Update Docker Image To demisto/python3  (demisto#29652)

* Updated Metadata Of Pack PANOSPolicyOptimizer

* Added release notes to pack PANOSPolicyOptimizer

* Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update

* Updated Metadata Of Pack VMwareWorkspaceONEUEM

* Added release notes to pack VMwareWorkspaceONEUEM

* Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update

* Updated Metadata Of Pack CiscoSMA

* Added release notes to pack CiscoSMA

* Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update

* Updated Metadata Of Pack FeedThreatConnect

* Added release notes to pack FeedThreatConnect

* Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update

* Updated Metadata Of Pack BitSight

* Added release notes to pack BitSight

* Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update

* Updated Metadata Of Pack AWS-ILM

* Added release notes to pack AWS-ILM

* Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update

* Updated Metadata Of Pack CiscoWSA

* Added release notes to pack CiscoWSA

* Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update

* Updated Metadata Of Pack SysAid

* Added release notes to pack SysAid

* Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update

* Updated Metadata Of Pack ManageEngine_PAM360

* Added release notes to pack ManageEngine_PAM360

* Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update

* Updated Metadata Of Pack CiscoUmbrellaReporting

* Added release notes to pack CiscoUmbrellaReporting

* Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update

* Fix DS108

---------

Co-authored-by: sberman <[email protected]>

* XSUP-27717/FortiSIEM (demisto#29458)

* add tests

* add RN,fix,logs

* Update 2_0_21.md

* add period

* add a name to incident

* fixes CR

* update docker image

* delete logs

* CR fixes

* Update 2_0_21.md

* Update FortiSIEMV2.py

* reverting the Docker image (demisto#29607)

* reverting the Docker image

* Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md

---------

Co-authored-by: Dan Tavori <[email protected]>

* [Marketplace Contribution] Roksit DNS Security Integration - Sarp (demisto#29663)

* [Marketplace Contribution] Roksit DNS Security Integration - Sarp (demisto#29314)

* "pack contribution initial commit"

* Update RoksitDNSSecurityIntegrationSarp.py

* Update RoksitDNSSecurityIntegrationSarp.py

* Yehuda's version

* test module

* readme

* new logo

* Update RoksitDNSSecurityIntegrationSarp.yml

* Apply suggestions from code review

* Update RoksitDNSSecurityIntegrationSarp_description.md

* Update pack_metadata.json

* Update README.md

* Update pack_metadata.json

* Update pack_metadata.json

* Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json

* fixes

* change name

* folder name

* file names

* version

* rename sub folder

* remove (DNSSense) from the integration name

* rename folder

* docker

* replace image

* fix image name

---------

Co-authored-by: asimsarpkurt <[email protected]>
Co-authored-by: Yehuda <[email protected]>
Co-authored-by: Yehuda Rosenberg <[email protected]>

* rename image

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: asimsarpkurt <[email protected]>
Co-authored-by: Yehuda <[email protected]>
Co-authored-by: Yehuda Rosenberg <[email protected]>

* add unstuck fetch stream command (demisto#29646)

* add unstuck fetch stream command

* added RN

* fixes

* add note

* cr fixes

* fix conflicts

* reverts

* [pre-commit pycln] Align the entire repo with pycln demisto#4 (demisto#29665)

* Fix pycln errors

* Update the docker images

* Run demisto-sdk pre-commit

* update docker

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: ostolero <[email protected]>
Co-authored-by: ostolero <[email protected]>
Co-authored-by: Chait A <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: Michael Yochpaz <[email protected]>
Co-authored-by: michal-dagan <[email protected]>
Co-authored-by: Yaroslav Nestor <[email protected]>
Co-authored-by: Content Bot <[email protected]>
Co-authored-by: Ido van Dijk <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: sberman <[email protected]>
Co-authored-by: DinaMeylakh <[email protected]>
Co-authored-by: ilaner <[email protected]>
Co-authored-by: Yehonatan Asta <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: sapir shuker <[email protected]>
Co-authored-by: Mai Morag <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: asimsarpkurt <[email protected]>
Co-authored-by: Yehuda <[email protected]>
Co-authored-by: Yehuda Rosenberg <[email protected]>
Co-authored-by: Yuval Hayun <[email protected]>
Co-authored-by: Menachem Weinfeld <[email protected]>

Author: 23 people

Packs/Okta/Integrations/Okta_v2/Okta_v2.py

@@ -173,6 +173,13 @@ def set_temp_password(self, user_id):
             url_suffix=uri,
         )
 
+    def expire_password(self, user_id):
+        uri = f'users/{user_id}/lifecycle/expire_password'
+        return self._http_request(
+            method="POST",
+            url_suffix=uri
+        )
+
     def add_user_to_group(self, user_id, group_id):
         uri = f'groups/{group_id}/users/{user_id}'
         return self._http_request(
@@ -804,6 +811,30 @@ def set_password_command(client, args):
     )
 
 
+def expire_password_command(client, args):
+    user_id = client.get_user_id(args.get('username'))
+
+    if not (args.get('username') or user_id):
+        raise Exception("You must supply either 'Username' or 'userId")
+
+    raw_response = client.expire_password(user_id)
+    user_context = client.get_users_context(raw_response)
+
+    if argToBoolean(args.get('temporary_password', True)):
+        client.set_temp_password(user_id)
+
+    readable_output = tableToMarkdown('Okta Expired Password', raw_response, removeNull=True)
+    outputs = {
+        'Account(val.ID && val.ID === obj.ID)': createContext(user_context, removeNull=True)
+    }
+
+    return (
+        readable_output,
+        outputs,
+        raw_response
+    )
+
+
 def add_user_to_group_command(client, args):
     group_id = args.get('groupId')
     user_id = args.get('userId')
@@ -1353,6 +1384,7 @@ def main():
         'okta-unsuspend-user': unsuspend_user_command,
         'okta-reset-factor': reset_factor_command,
         'okta-set-password': set_password_command,
+        'okta-expire-password': expire_password_command,
         'okta-add-to-group': add_user_to_group_command,
         'okta-remove-from-group': remove_from_group_command,
         'okta-get-groups': get_groups_for_user_command,

Packs/Okta/Integrations/Okta_v2/Okta_v2.yml

@@ -17,6 +17,7 @@ configuration:
   hiddenusername: true
   section: Connect
   required: false
+  display: ''
 - display: API Token (see detailed instructions)
   name: apitoken
   type: 4
@@ -90,7 +91,7 @@ script:
       description: Okta account factor ID.
       type: String
     - contextPath: Account.Factor.Provider
-      description: Okta account factor provider
+      description: Okta account factor provider.
       type: String
     - contextPath: Account.Factor.Profile
       description: Okta account factor profile.
@@ -102,7 +103,7 @@ script:
       description: Okta account factor status.
       type: Unknown
   - arguments:
-    - description: The user ID
+    - description: The user ID.
       name: userId
     - description: Username for which to un-enroll an existing factor.
       name: username
@@ -149,7 +150,7 @@ script:
       name: groupId
     - description: Name of the group to remove the user from.
       name: groupName
-    description: Removes a user from a group with OKTA_GROUP type
+    description: Removes a user from a group with OKTA_GROUP type.
     name: okta-remove-from-group
   - arguments:
     - default: true
@@ -212,10 +213,8 @@ script:
     - default: true
       description: Term by which to search. Can be a first name, last name, or email address. The argument `term` or `advanced_search` is required.
       name: term
-      required: false
     - description: Searches for users with a supported filtering expression for most properties, including custom-defined properties. The argument `term` or `advanced_search` is required.
       name: advanced_search
-      required: false
     - description: The maximum number of results to return. The default and maximum is 200.
       name: limit
     - auto: PREDEFINED
@@ -322,7 +321,7 @@ script:
       - 'false'
     - description: Searches the name property of groups for matching values.
       name: query
-    - description: "Useful for performing structured queries where constraints on group attribute values can be explicitly targeted. \nThe following expressions are supported(among others) for groups with the filter query parameter: \ntype eq \"OKTA_GROUP\" - Groups that have a type of OKTA_GROUP; lastUpdated lt \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with profile last updated before a specific timestamp; lastMembershipUpdated eq \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with memberships last updated at a specific timestamp; id eq \"00g1emaKYZTWRYYRRTSK\" - Group with a specified ID. For more information about filtering, visit https://developer.okta.com/docs/api/getting_started/design_principles#filtering"
+    - description: "Useful for performing structured queries where constraints on group attribute values can be explicitly targeted. \nThe following expressions are supported(among others) for groups with the filter query parameter: \n type eq \"OKTA_GROUP\" - Groups that have a type of OKTA_GROUP; lastUpdated lt \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with profile last updated before a specific timestamp; lastMembershipUpdated eq \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with memberships last updated at a specific timestamp; id eq \"00g1emaKYZTWRYYRRTSK\" - Group with a specified ID. For more information about filtering, visit https://developer.okta.com/docs/api/getting_started/design_principles#filtering"
       name: filter
     description: Lists users in your organization.
     name: okta-list-users
@@ -616,7 +615,7 @@ script:
   - arguments:
     - description: Searches the name property of groups for matching values.
       name: query
-    - description: "Useful for performing structured queries where constraints on group attribute values can be explicitly targeted. \nThe following expressions are supported(among others) for groups with the filter query parameter: \ntype eq \"OKTA_GROUP\" - Groups that have a type of OKTA_GROUP; lastUpdated lt \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with profile last updated before a specific timestamp; lastMembershipUpdated eq \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with memberships last updated at a specific timestamp; id eq \"00g1emaKYZTWRYYRRTSK\" - Group with a specified ID. For more information about filtering, visit https://developer.okta.com/docs/api/getting_started/design_principles#filtering"
+    - description: "Useful for performing structured queries where constraints on group attribute values can be explicitly targeted. \nThe following expressions are supported(among others) for groups with the filter query parameter: \n type eq \"OKTA_GROUP\" - Groups that have a type of OKTA_GROUP; lastUpdated lt \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with profile last updated before a specific timestamp; lastMembershipUpdated eq \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with memberships last updated at a specific timestamp; id eq \"00g1emaKYZTWRYYRRTSK\" - Group with a specified ID. For more information about filtering, visit https://developer.okta.com/docs/api/getting_started/design_principles#filtering"
       name: filter
     - defaultValue: '200'
       description: The maximum number of results to return. The default is 200.
@@ -649,9 +648,9 @@ script:
       description: Description of the group.
       type: String
   - arguments:
-    - description: 'Filters the lower time bound of the log events in the Internet Date/Time Format profile of ISO 8601. An example: 2017-05-03T16:22:18Z'
+    - description: 'Filters the lower time bound of the log events in the Internet Date/Time Format profile of ISO 8601. An example: 2017-05-03T16:22:18Z.'
       name: since
-    - description: 'Filters the upper time bound of the log events in the Internet Date/Time Format profile of ISO 8601. An example: 2017-05-03T16:22:18Z'
+    - description: 'Filters the upper time bound of the log events in the Internet Date/Time Format profile of ISO 8601. An example: 2017-05-03T16:22:18Z.'
       name: until
     - auto: PREDEFINED
       defaultValue: ASCENDING
@@ -1241,7 +1240,7 @@ script:
   - arguments:
     - description: The maximum number of results to return.
       name: limit
-    description: Get an Okta Zone object
+    description: Get an Okta Zone object.
     name: okta-list-zones
     outputs:
     - contextPath: Okta.Zone.created
@@ -1263,7 +1262,7 @@ script:
       description: Zone name.
       type: String
     - contextPath: Okta.Zone.proxies.type
-      description: Proxies IP entry type e.g. CIDR
+      description: Proxies IP entry type e.g. CIDR.
       type: String
     - contextPath: Okta.Zone.proxies.value
       description: Proxies IP entry value, e.g., 34.103.1.108/32.
@@ -1289,7 +1288,7 @@ script:
     - description: 'Update Proxy IP addresses: CIDR range (1.1.0.0/16) or single IP address (2.2.2.2).'
       isArray: true
       name: proxyIPs
-    description: Update an Okta Zone
+    description: Update an Okta Zone.
     name: okta-update-zone
     outputs:
     - contextPath: Okta.Zone.created
@@ -1326,10 +1325,10 @@ script:
       description: Zone type, e.g., IP.
       type: String
   - arguments:
-    - description: Zone ID to get, e.g., nzoqsmcx1qWYJ6wYF0h.7
+    - description: Zone ID to get, e.g., nzoqsmcx1qWYJ6wYF0h.7.
       name: zoneID
       required: true
-    description: Get a Zone by its ID
+    description: Get a Zone by its ID.
     name: okta-get-zone
     outputs:
     - contextPath: Okta.Zone.created
@@ -1366,14 +1365,14 @@ script:
       description: Zone type, e.g., IP.
       type: String
   - arguments:
-    - description: Zone name
+    - description: Zone name.
       name: name
       required: true
     - description: 'Update Gateway IP addresses: CIDR range (1.1.0.0/16) or single IP address (2.2.2.2).'
       name: gateway_ips
     - description: 'Update Proxy IP addresses: CIDR range (1.1.0.0/16) or single IP address (2.2.2.2).'
       name: proxies
-    description: Creates a Zone with the specified name
+    description: Creates a Zone with the specified name.
     name: okta-create-zone
   - arguments:
     - description: Name of the group to add.
@@ -1386,16 +1385,16 @@ script:
     name: okta-create-group
     outputs:
     - contextPath: OktaGroup.ID
-      description: Group ID in Okta,
+      description: Group ID in Okta,.
       type: Unknown
     - contextPath: OktaGroup.Name
-      description: Group name in Okta,
+      description: Group name in Okta,.
       type: Unknown
     - contextPath: OktaGroup.Description
-      description: Group description in Okta,
+      description: Group description in Okta,.
       type: Unknown
     - contextPath: OktaGroup.Type
-      description: Group type in Okta,
+      description: Group type in Okta,.
       type: Unknown
   - arguments:
     - description: Name of the group to assign to the app.
@@ -1404,11 +1403,57 @@ script:
       name: groupId
     - description: Friendly name of the app that the group will be assigned to.
       name: appName
-    description: Assign a group to an application
+    description: Assign a group to an application.
     name: okta-assign-group-to-app
-  dockerimage: demisto/python3:3.10.12.68714
+  - arguments:
+    - default: true
+      description: Okta username for which to expire the password.
+      name: username
+      required: true
+    - auto: PREDEFINED
+      defaultValue: 'false'
+      description: When true, you'll need to change the password in the next login.
+      name: temporary_password
+      predefined:
+      - 'true'
+      - 'false'
+    description: Expires a password for an existing Okta user.
+    execution: true
+    name: okta-expire-password
+    outputs:
+    - contextPath: Account.Activated
+      description: Timestamp for when the user was activated.
+      type: Date
+    - contextPath: Account.Created
+      description: Timestamp for when the user was created.
+      type: Date
+    - contextPath: Account.DisplayName
+      description: Okta account display name.
+      type: String
+    - contextPath: Account.Email
+      description: Okta account email.
+      type: String
+    - contextPath: Account.ID
+      description: Created Okta account ID.
+      type: String
+    - contextPath: Account.PasswordChanged
+      description: Timestamp for when the user's password was last changed.
+      type: Date
+    - contextPath: Account.Status
+      description: Okta account current status.
+      type: String
+    - contextPath: Account.StatusChanged
+      description: Timestamp for when the user's status was last changed.
+      type: Date
+    - contextPath: Account.Type
+      description: Okta account type.
+      type: String
+    - contextPath: Account.Username
+      description: Okta account usernames returned by the search.
+      type: String
+  dockerimage: demisto/python3:3.10.13.74666
   runonce: false
-  script: '-'
+  script: ""
   subtype: python3
   type: python
 fromversion: 5.0.0

Packs/Okta/Integrations/Okta_v2/Okta_v2_description.md

@@ -1,8 +1,4 @@
 Okta V2
 -
   For information on getting your Okta API token, see the Okta documentation.
-  https://developer.okta.com/docs/api/getting_started/getting_a_token
-
-
----
-[View Integration Documentation](https://xsoar.pan.dev/docs/reference/integrations/okta-v2)
+  https://developer.okta.com/docs/api/getting_started/getting_a_token

Packs/Okta/Integrations/Okta_v2/README.md

@@ -2404,4 +2404,62 @@ There is no context output for this command.
 ```!okta-assign-group-to-app appName="Default-App" groupName="TestGroup"```
 #### Human Readable Output
 
->Group: TestGroup added to PA App successfully
+>Group: TestGroup added to PA App successfully
+### okta-expire-password
+
+***
+Expires a password for an existing Okta user.
+
+#### Base Command
+
+`okta-expire-password`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| username | Okta username for which to expire the password. | Required | 
+| temporary_password | When true, you'll need to change the password in the next login. Possible values are: true, false. Default is false. | Optional | 
+
+#### Context Output
+
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| Account.Activated | Date | Timestamp for when the user was activated. | 
+| Account.Created | Date | Timestamp for when the user was created. | 
+| Account.DisplayName | String | Okta account display name. | 
+| Account.Email | String | Okta account email. | 
+| Account.ID | String | Created Okta account ID. | 
+| Account.PasswordChanged | Date | Timestamp for when the user's password was last changed. | 
+| Account.Status | String | Okta account current status. | 
+| Account.StatusChanged | Date | Timestamp for when the user's status was last changed. | 
+| Account.Type | String | Okta account type. | 
+| Account.Username | String | Okta account usernames returned by the search. | 
+
+#### Command example
+```!okta-expire-password username="[email protected]" temporary_password="false"```
+#### Context Example
+```json
+{
+    "Account": {
+        "Activated": "2022-06-20T04:48:04.000Z",
+        "Created": "2022-06-20T04:47:59.000Z",
+        "DisplayName": "Test 1  Test1",
+        "Email": "[email protected]",
+        "ID": "00u19cr5qv91HjELI0h8",
+        "PasswordChanged": "2022-06-20T04:48:07.000Z",
+        "Status": "PASSWORD_EXPIRED",
+        "StatusChanged": "2023-09-10T12:56:04.000Z",
+        "Type": "Okta",
+        "Username": "[email protected]"
+    }
+}
+```
+
+#### Human Readable Output
+
+>### Okta Expired Password
+>|_links|activated|created|credentials|id|lastUpdated|passwordChanged|profile|status|statusChanged|type|
+>|---|---|---|---|---|---|---|---|---|---|---|
+>| suspend: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/lifecycle/suspend", "method": "POST"}<br/>schema: {"href": "https://test.oktapreview.com/api/v1/meta/schemas/user/osc66lckcvDyVcGzS0h7"}<br/>resetPassword: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/lifecycle/reset_password", "method": "POST"}<br/>forgotPassword: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/credentials/forgot_password", "method": "POST"}<br/>expirePassword: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/lifecycle/expire_password", "method": "POST"}<br/>changeRecoveryQuestion: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/credentials/change_recovery_question", "method": "POST"}<br/>self: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8"}<br/>type: {"href": "https://test.oktapreview.com/api/v1/meta/types/user/oty66lckcvDyVcGzS0h7"}<br/>changePassword: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/credentials/change_password", "method": "POST"}<br/>deactivate: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/lifecycle/deactivate", "method": "POST"} | 2022-06-20T04:48:04.000Z | 2022-06-20T04:47:59.000Z | password: {}<br/>recovery_question: {"question": "whats the first school?"}<br/>provider: {"type": "OKTA", "name": "OKTA"} | 00u19cr5qv91HjELI0h8 | 2023-09-10T12:56:04.000Z | 2022-06-20T04:48:07.000Z | firstName: Test 1 <br/>lastName: Test1<br/>preferredLanguage: en<br/>mobilePhone: null<br/>city: Tel-Aviv<br/>displayName: Test 1 that<br/>nickName: Testush<br/>secondEmail: null<br/>login: [email protected]<br/>email: [email protected]<br/>employeeNumber: 12345 | PASSWORD_EXPIRED | 2023-09-10T12:56:04.000Z | id: oty66lckcvDyVcGzS0h7 |
+

Packs/Okta/Integrations/Okta_v2/example.txt

@@ -25,4 +25,5 @@ okta-get-zone zoneID=nzoqsmcx1qWYJ6w3355
 okta-update-zone zoneID=nzoqsmcx1qWYJ6w3355 zoneName=MyZone
 okta-list-zones
 okta-create-zone name="test_xsoar_4" gateway_ips="8.8.8.8"
-okta-list-users filter=`lastUpdated gt "2015-04-30T00:00:00.000Z"` limit=10
+okta-list-users filter=`lastUpdated gt "2015-04-30T00:00:00.000Z"` limit=10
+okta-expire-password username="[email protected]" temporary_password="false"

Packs/Okta/ReleaseNotes/3_2_0.md

@@ -0,0 +1,7 @@
+
+#### Integrations
+
+##### Okta v2
+
+- Added the okta-expire-password command which allows users to expire passwords for Okta users.
+- Updated the Docker image to: *demisto/python3:3.10.13.74666*.

Packs/Okta/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Okta",
     "description": "Integration with Okta's cloud-based identity management service.",
     "support": "xsoar",
-    "currentVersion": "3.1.29",
+    "currentVersion": "3.2.0",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",