[Marketplace Contribution] Okta - Content Pack Update (#29650)

* [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <[email protected]> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Content Bot <[email protected]> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <[email protected]> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <[email protected]> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <[email protected]> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> * rename image --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> Co-authored-by: michal-dagan <[email protected]> Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: Ido van Dijk <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: sberman <[email protected]> Co-authored-by: DinaMeylakh <[email protected]> Co-authored-by: ilaner <[email protected]> Co-authored-by: Yehonatan Asta <[email protected]> Co-authored-by: israelpoli <[email protected]> Co-authored-by: sapir shuker <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]>
demisto · Sep 28, 2023 · 58b00f2 · 58b00f2
1 parent 042d3da
commit 58b00f2
Show file tree

Hide file tree

Showing 7 changed files with 170 additions and 31 deletions.
diff --git a/Packs/Okta/Integrations/Okta_v2/Okta_v2.py b/Packs/Okta/Integrations/Okta_v2/Okta_v2.py
@@ -173,6 +173,13 @@ def set_temp_password(self, user_id):
             url_suffix=uri,
         )
 
+    def expire_password(self, user_id):
+        uri = f'users/{user_id}/lifecycle/expire_password'
+        return self._http_request(
+            method="POST",
+            url_suffix=uri
+        )
+
     def add_user_to_group(self, user_id, group_id):
         uri = f'groups/{group_id}/users/{user_id}'
         return self._http_request(
@@ -804,6 +811,30 @@ def set_password_command(client, args):
     )
 
 
+def expire_password_command(client, args):
+    user_id = client.get_user_id(args.get('username'))
+
+    if not (args.get('username') or user_id):
+        raise Exception("You must supply either 'Username' or 'userId")
+
+    raw_response = client.expire_password(user_id)
+    user_context = client.get_users_context(raw_response)
+
+    if argToBoolean(args.get('temporary_password', True)):
+        client.set_temp_password(user_id)
+
+    readable_output = tableToMarkdown('Okta Expired Password', raw_response, removeNull=True)
+    outputs = {
+        'Account(val.ID && val.ID === obj.ID)': createContext(user_context, removeNull=True)
+    }
+
+    return (
+        readable_output,
+        outputs,
+        raw_response
+    )
+
+
 def add_user_to_group_command(client, args):
     group_id = args.get('groupId')
     user_id = args.get('userId')
@@ -1353,6 +1384,7 @@ def main():
         'okta-unsuspend-user': unsuspend_user_command,
         'okta-reset-factor': reset_factor_command,
         'okta-set-password': set_password_command,
+        'okta-expire-password': expire_password_command,
         'okta-add-to-group': add_user_to_group_command,
         'okta-remove-from-group': remove_from_group_command,
         'okta-get-groups': get_groups_for_user_command,

diff --git a/Packs/Okta/Integrations/Okta_v2/Okta_v2.yml b/Packs/Okta/Integrations/Okta_v2/Okta_v2.yml
@@ -17,6 +17,7 @@ configuration:
   hiddenusername: true
   section: Connect
   required: false
+  display: ''
 - display: API Token (see detailed instructions)
   name: apitoken
   type: 4
@@ -90,7 +91,7 @@ script:
       description: Okta account factor ID.
       type: String
     - contextPath: Account.Factor.Provider
-      description: Okta account factor provider
+      description: Okta account factor provider.
       type: String
     - contextPath: Account.Factor.Profile
       description: Okta account factor profile.
@@ -102,7 +103,7 @@ script:
       description: Okta account factor status.
       type: Unknown
   - arguments:
-    - description: The user ID
+    - description: The user ID.
       name: userId
     - description: Username for which to un-enroll an existing factor.
       name: username
@@ -149,7 +150,7 @@ script:
       name: groupId
     - description: Name of the group to remove the user from.
       name: groupName
-    description: Removes a user from a group with OKTA_GROUP type
+    description: Removes a user from a group with OKTA_GROUP type.
     name: okta-remove-from-group
   - arguments:
     - default: true
@@ -212,10 +213,8 @@ script:
     - default: true
       description: Term by which to search. Can be a first name, last name, or email address. The argument `term` or `advanced_search` is required.
       name: term
-      required: false
     - description: Searches for users with a supported filtering expression for most properties, including custom-defined properties. The argument `term` or `advanced_search` is required.
       name: advanced_search
-      required: false
     - description: The maximum number of results to return. The default and maximum is 200.
       name: limit
     - auto: PREDEFINED
@@ -322,7 +321,7 @@ script:
       - 'false'
     - description: Searches the name property of groups for matching values.
       name: query
-    - description: "Useful for performing structured queries where constraints on group attribute values can be explicitly targeted. \nThe following expressions are supported(among others) for groups with the filter query parameter: \ntype eq \"OKTA_GROUP\" - Groups that have a type of OKTA_GROUP; lastUpdated lt \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with profile last updated before a specific timestamp; lastMembershipUpdated eq \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with memberships last updated at a specific timestamp; id eq \"00g1emaKYZTWRYYRRTSK\" - Group with a specified ID. For more information about filtering, visit https://developer.okta.com/docs/api/getting_started/design_principles#filtering"
+    - description: "Useful for performing structured queries where constraints on group attribute values can be explicitly targeted. \nThe following expressions are supported(among others) for groups with the filter query parameter: \n type eq \"OKTA_GROUP\" - Groups that have a type of OKTA_GROUP; lastUpdated lt \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with profile last updated before a specific timestamp; lastMembershipUpdated eq \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with memberships last updated at a specific timestamp; id eq \"00g1emaKYZTWRYYRRTSK\" - Group with a specified ID. For more information about filtering, visit https://developer.okta.com/docs/api/getting_started/design_principles#filtering"
       name: filter
     description: Lists users in your organization.
     name: okta-list-users
@@ -616,7 +615,7 @@ script:
   - arguments:
     - description: Searches the name property of groups for matching values.
       name: query
-    - description: "Useful for performing structured queries where constraints on group attribute values can be explicitly targeted. \nThe following expressions are supported(among others) for groups with the filter query parameter: \ntype eq \"OKTA_GROUP\" - Groups that have a type of OKTA_GROUP; lastUpdated lt \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with profile last updated before a specific timestamp; lastMembershipUpdated eq \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with memberships last updated at a specific timestamp; id eq \"00g1emaKYZTWRYYRRTSK\" - Group with a specified ID. For more information about filtering, visit https://developer.okta.com/docs/api/getting_started/design_principles#filtering"
+    - description: "Useful for performing structured queries where constraints on group attribute values can be explicitly targeted. \nThe following expressions are supported(among others) for groups with the filter query parameter: \n type eq \"OKTA_GROUP\" - Groups that have a type of OKTA_GROUP; lastUpdated lt \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with profile last updated before a specific timestamp; lastMembershipUpdated eq \"yyyy-MM-dd''T''HH:mm:ss.SSSZ\" - Groups with memberships last updated at a specific timestamp; id eq \"00g1emaKYZTWRYYRRTSK\" - Group with a specified ID. For more information about filtering, visit https://developer.okta.com/docs/api/getting_started/design_principles#filtering"
       name: filter
     - defaultValue: '200'
       description: The maximum number of results to return. The default is 200.
@@ -649,9 +648,9 @@ script:
       description: Description of the group.
       type: String
   - arguments:
-    - description: 'Filters the lower time bound of the log events in the Internet Date/Time Format profile of ISO 8601. An example: 2017-05-03T16:22:18Z'
+    - description: 'Filters the lower time bound of the log events in the Internet Date/Time Format profile of ISO 8601. An example: 2017-05-03T16:22:18Z.'
       name: since
-    - description: 'Filters the upper time bound of the log events in the Internet Date/Time Format profile of ISO 8601. An example: 2017-05-03T16:22:18Z'
+    - description: 'Filters the upper time bound of the log events in the Internet Date/Time Format profile of ISO 8601. An example: 2017-05-03T16:22:18Z.'
       name: until
     - auto: PREDEFINED
       defaultValue: ASCENDING
@@ -1241,7 +1240,7 @@ script:
   - arguments:
     - description: The maximum number of results to return.
       name: limit
-    description: Get an Okta Zone object
+    description: Get an Okta Zone object.
     name: okta-list-zones
     outputs:
     - contextPath: Okta.Zone.created
@@ -1263,7 +1262,7 @@ script:
       description: Zone name.
       type: String
     - contextPath: Okta.Zone.proxies.type
-      description: Proxies IP entry type e.g. CIDR
+      description: Proxies IP entry type e.g. CIDR.
       type: String
     - contextPath: Okta.Zone.proxies.value
       description: Proxies IP entry value, e.g., 34.103.1.108/32.
@@ -1289,7 +1288,7 @@ script:
     - description: 'Update Proxy IP addresses: CIDR range (1.1.0.0/16) or single IP address (2.2.2.2).'
       isArray: true
       name: proxyIPs
-    description: Update an Okta Zone
+    description: Update an Okta Zone.
     name: okta-update-zone
     outputs:
     - contextPath: Okta.Zone.created
@@ -1326,10 +1325,10 @@ script:
       description: Zone type, e.g., IP.
       type: String
   - arguments:
-    - description: Zone ID to get, e.g., nzoqsmcx1qWYJ6wYF0h.7
+    - description: Zone ID to get, e.g., nzoqsmcx1qWYJ6wYF0h.7.
       name: zoneID
       required: true
-    description: Get a Zone by its ID
+    description: Get a Zone by its ID.
     name: okta-get-zone
     outputs:
     - contextPath: Okta.Zone.created
@@ -1366,14 +1365,14 @@ script:
       description: Zone type, e.g., IP.
       type: String
   - arguments:
-    - description: Zone name
+    - description: Zone name.
       name: name
       required: true
     - description: 'Update Gateway IP addresses: CIDR range (1.1.0.0/16) or single IP address (2.2.2.2).'
       name: gateway_ips
     - description: 'Update Proxy IP addresses: CIDR range (1.1.0.0/16) or single IP address (2.2.2.2).'
       name: proxies
-    description: Creates a Zone with the specified name
+    description: Creates a Zone with the specified name.
     name: okta-create-zone
   - arguments:
     - description: Name of the group to add.
@@ -1386,16 +1385,16 @@ script:
     name: okta-create-group
     outputs:
     - contextPath: OktaGroup.ID
-      description: Group ID in Okta,
+      description: Group ID in Okta,.
       type: Unknown
     - contextPath: OktaGroup.Name
-      description: Group name in Okta,
+      description: Group name in Okta,.
       type: Unknown
     - contextPath: OktaGroup.Description
-      description: Group description in Okta,
+      description: Group description in Okta,.
       type: Unknown
     - contextPath: OktaGroup.Type
-      description: Group type in Okta,
+      description: Group type in Okta,.
       type: Unknown
   - arguments:
     - description: Name of the group to assign to the app.
@@ -1404,11 +1403,57 @@ script:
       name: groupId
     - description: Friendly name of the app that the group will be assigned to.
       name: appName
-    description: Assign a group to an application
+    description: Assign a group to an application.
     name: okta-assign-group-to-app
-  dockerimage: demisto/python3:3.10.12.68714
+  - arguments:
+    - default: true
+      description: Okta username for which to expire the password.
+      name: username
+      required: true
+    - auto: PREDEFINED
+      defaultValue: 'false'
+      description: When true, you'll need to change the password in the next login.
+      name: temporary_password
+      predefined:
+      - 'true'
+      - 'false'
+    description: Expires a password for an existing Okta user.
+    execution: true
+    name: okta-expire-password
+    outputs:
+    - contextPath: Account.Activated
+      description: Timestamp for when the user was activated.
+      type: Date
+    - contextPath: Account.Created
+      description: Timestamp for when the user was created.
+      type: Date
+    - contextPath: Account.DisplayName
+      description: Okta account display name.
+      type: String
+    - contextPath: Account.Email
+      description: Okta account email.
+      type: String
+    - contextPath: Account.ID
+      description: Created Okta account ID.
+      type: String
+    - contextPath: Account.PasswordChanged
+      description: Timestamp for when the user's password was last changed.
+      type: Date
+    - contextPath: Account.Status
+      description: Okta account current status.
+      type: String
+    - contextPath: Account.StatusChanged
+      description: Timestamp for when the user's status was last changed.
+      type: Date
+    - contextPath: Account.Type
+      description: Okta account type.
+      type: String
+    - contextPath: Account.Username
+      description: Okta account usernames returned by the search.
+      type: String
+  dockerimage: demisto/python3:3.10.13.74666
   runonce: false
-  script: '-'
+  script: ""
   subtype: python3
   type: python
 fromversion: 5.0.0

diff --git a/Packs/Okta/Integrations/Okta_v2/Okta_v2_description.md b/Packs/Okta/Integrations/Okta_v2/Okta_v2_description.md
@@ -1,8 +1,4 @@
 Okta V2
 -
   For information on getting your Okta API token, see the Okta documentation.
-  https://developer.okta.com/docs/api/getting_started/getting_a_token
-
-
----
-[View Integration Documentation](https://xsoar.pan.dev/docs/reference/integrations/okta-v2)
+  https://developer.okta.com/docs/api/getting_started/getting_a_token
diff --git a/Packs/Okta/Integrations/Okta_v2/README.md b/Packs/Okta/Integrations/Okta_v2/README.md
@@ -2404,4 +2404,62 @@ There is no context output for this command.
 ```!okta-assign-group-to-app appName="Default-App" groupName="TestGroup"```
 #### Human Readable Output
 
->Group: TestGroup added to PA App successfully
+>Group: TestGroup added to PA App successfully
+### okta-expire-password
+
+***
+Expires a password for an existing Okta user.
+
+#### Base Command
+
+`okta-expire-password`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| username | Okta username for which to expire the password. | Required | 
+| temporary_password | When true, you'll need to change the password in the next login. Possible values are: true, false. Default is false. | Optional | 
+
+#### Context Output
+
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| Account.Activated | Date | Timestamp for when the user was activated. | 
+| Account.Created | Date | Timestamp for when the user was created. | 
+| Account.DisplayName | String | Okta account display name. | 
+| Account.Email | String | Okta account email. | 
+| Account.ID | String | Created Okta account ID. | 
+| Account.PasswordChanged | Date | Timestamp for when the user's password was last changed. | 
+| Account.Status | String | Okta account current status. | 
+| Account.StatusChanged | Date | Timestamp for when the user's status was last changed. | 
+| Account.Type | String | Okta account type. | 
+| Account.Username | String | Okta account usernames returned by the search. | 
+
+#### Command example
+```!okta-expire-password username="[email protected]" temporary_password="false"```
+#### Context Example
+```json
+{
+    "Account": {
+        "Activated": "2022-06-20T04:48:04.000Z",
+        "Created": "2022-06-20T04:47:59.000Z",
+        "DisplayName": "Test 1  Test1",
+        "Email": "[email protected]",
+        "ID": "00u19cr5qv91HjELI0h8",
+        "PasswordChanged": "2022-06-20T04:48:07.000Z",
+        "Status": "PASSWORD_EXPIRED",
+        "StatusChanged": "2023-09-10T12:56:04.000Z",
+        "Type": "Okta",
+        "Username": "[email protected]"
+    }
+}
+```
+
+#### Human Readable Output
+
+>### Okta Expired Password
+>|_links|activated|created|credentials|id|lastUpdated|passwordChanged|profile|status|statusChanged|type|
+>|---|---|---|---|---|---|---|---|---|---|---|
+>| suspend: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/lifecycle/suspend", "method": "POST"}<br/>schema: {"href": "https://test.oktapreview.com/api/v1/meta/schemas/user/osc66lckcvDyVcGzS0h7"}<br/>resetPassword: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/lifecycle/reset_password", "method": "POST"}<br/>forgotPassword: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/credentials/forgot_password", "method": "POST"}<br/>expirePassword: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/lifecycle/expire_password", "method": "POST"}<br/>changeRecoveryQuestion: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/credentials/change_recovery_question", "method": "POST"}<br/>self: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8"}<br/>type: {"href": "https://test.oktapreview.com/api/v1/meta/types/user/oty66lckcvDyVcGzS0h7"}<br/>changePassword: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/credentials/change_password", "method": "POST"}<br/>deactivate: {"href": "https://test.oktapreview.com/api/v1/users/00u19cr5qv91HjELI0h8/lifecycle/deactivate", "method": "POST"} | 2022-06-20T04:48:04.000Z | 2022-06-20T04:47:59.000Z | password: {}<br/>recovery_question: {"question": "whats the first school?"}<br/>provider: {"type": "OKTA", "name": "OKTA"} | 00u19cr5qv91HjELI0h8 | 2023-09-10T12:56:04.000Z | 2022-06-20T04:48:07.000Z | firstName: Test 1 <br/>lastName: Test1<br/>preferredLanguage: en<br/>mobilePhone: null<br/>city: Tel-Aviv<br/>displayName: Test 1 that<br/>nickName: Testush<br/>secondEmail: null<br/>login: [email protected]<br/>email: [email protected]<br/>employeeNumber: 12345 | PASSWORD_EXPIRED | 2023-09-10T12:56:04.000Z | id: oty66lckcvDyVcGzS0h7 |
+
diff --git a/Packs/Okta/Integrations/Okta_v2/example.txt b/Packs/Okta/Integrations/Okta_v2/example.txt
@@ -25,4 +25,5 @@ okta-get-zone zoneID=nzoqsmcx1qWYJ6w3355
 okta-update-zone zoneID=nzoqsmcx1qWYJ6w3355 zoneName=MyZone
 okta-list-zones
 okta-create-zone name="test_xsoar_4" gateway_ips="8.8.8.8"
-okta-list-users filter=`lastUpdated gt "2015-04-30T00:00:00.000Z"` limit=10
+okta-list-users filter=`lastUpdated gt "2015-04-30T00:00:00.000Z"` limit=10
+okta-expire-password username="[email protected]" temporary_password="false"
diff --git a/Packs/Okta/ReleaseNotes/3_2_0.md b/Packs/Okta/ReleaseNotes/3_2_0.md
@@ -0,0 +1,7 @@
+
+#### Integrations
+
+##### Okta v2
+
+- Added the okta-expire-password command which allows users to expire passwords for Okta users.
+- Updated the Docker image to: *demisto/python3:3.10.13.74666*.
diff --git a/Packs/Okta/pack_metadata.json b/Packs/Okta/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Okta",
     "description": "Integration with Okta's cloud-based identity management service.",
     "support": "xsoar",
-    "currentVersion": "3.1.29",
+    "currentVersion": "3.2.0",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",