accounts now includes the ability to unlock accounts
Previously, the only way to unlock an account was for an
administrator to reset the password. Now, delegated administrative users can
directly unlock an account without resetting the password. For more information,
see Unlocking user accounts
The initiate password reset option does not unlock accounts.
types can now have custom names assigned for Members and Nonmembers
type is now set to Authorization Code with PKCE
Earlier versions of Delegated Admin have used the Implicit grant
type as the default OpenID Connect (OIDC) grant type. Because the Implicit grant
type can leak access tokens, it is no longer recommended for use. In new
installations of Delegated Admin, the grant type is set to Authorization Code
with PKCE. To change your default OIDC grant type to Authorization Code with
PKCE in existing installations of Delegated Admin, see Changing the default OIDC grant type
For more information on the Implicit grant
type, see OAuth
2.0 Implicit Grant.
dadmin-account-locked is not available for
Because the account locked state,
dadmin-account-locked, is not a true attribute, it is not
available for filtering in reporting.
displayed for a correlated resource type
If a resource is linked to more correlated resources than the
correlated resource type's search limit, then no resources will be displayed for
that correlated resource type. To view the resources for that correlated
resource type, increase the correlated resource type's search
Fixed error message issue
Fixed an issue where an error message was not displayed when
password generation was unsuccessful.
Fixed multi-valued attribute deletion
Fixed an issue that prevented the first value in a multi-valued
attribute from being deleted.
Updated the warning banner for configuration
Updated the warning banner for configuration errors to only
display for the first 10 seconds after signing in to Delegated Admin.
to user resource types automatically.
Fixed a user password policy issue
Fixed an issue in which a user's password policy was not being
used to generate new passwords for the user.