| Change | Expected in Preview Orgs | Rollout to Production Orgs Expected to Start |
|---|---|---|
| Enhanced Feature: API Support for Assigning App Instance to App Admins | April 11, 2018 | April 15, 2018 |
| Bug Fixed in 2018.15 | April 11, 2018 | April 16, 2018 |
| Previously Released Early Access Features 2018.15 Update | Available now | Available now |
You can add an app instance target to an APP_ADMIN role assignment via the API. Previously an app instance target could be added to the role assignment using the Okta administrators UI only.
When you assign an app instance target to this role assignment, the scope of the role assignment changes from all app targets to just the specified target. Thus you can use this feature to create different APP_ADMIN role assignments for different apps in your org.
For details, visit the Roles API documentation.
This fix applies if the MFA soft lock for delegated authentication feature is enabled. When a user made multiple failed MFA attempts and was locked out, the user status was updated to ACTIVE instead of the correct value, LOCKED_OUT. (OKTA-164900)
The following features have already been released as Early Access. To enable them, contact Support.