*Features*

- Update the Identity Provider End Point to save and retrieve Lockout
policy per zone <https://www.pivotaltracker.com/story/show/87445084>
- Show relevant message after user lockout
<https://www.pivotaltracker.com/story/show/98994270>
- Updated SAML identity provider configuration to accept an
addShadowUser property to govern shadow account creating during SAML
Authentication <https://www.pivotaltracker.com/story/show/97780020>
- Expose Managing /Users & /Groups to a Zone Admin
<https://www.pivotaltracker.com/story/show/98490322>
- New Scope for Creating Clients in a Zone
<https://www.pivotaltracker.com/story/show/98491608>
- Allow to build uaa with Java 8
<https://www.pivotaltracker.com/story/show/98609740>

*Bug Fixes*

- UAADB Housekeeping: Clean up unused/expired oauth_codes and one time
passcodes <https://www.pivotaltracker.com/story/show/98149612>
- Querying users with pagination will return duplicate users
<https://www.pivotaltracker.com/story/show/96657510>
- Serialization/deserialization issues of Java Objects stored in UAADB
<https://www.pivotaltracker.com/story/show/98148936>

—
View it on GitHub <https://github.com/cloudfoundry/uaa/releases/tag/2.4.1>.


Thanks,
Sree Tummidi
Sr. Product Manager
Identity - Pivotal Cloud Foundry