x-current-page is identical to X-Current-Page.
+
************
### Summary of Actions on Users
diff --git a/docs/en/api/ActionsCmds.md b/docs/en/api/ActionsCmds.md
index 41003da..b240bce 100644
--- a/docs/en/api/ActionsCmds.md
+++ b/docs/en/api/ActionsCmds.md
@@ -379,7 +379,7 @@ Add or remove membership in administrative groups to control administrative righ
* Support Administrators: `_support_admin`
* Deployment Administrators: `_deployment_admin`
- Please note that you cannot assign or remove the administrative role `_org_admin` using the User Management API.
+ Please note that you cannot assign or remove the administrative role `_org_admin`, `_compartment_admin` or `_compartment_viewer` using UMAPI.
In addition, there are administrative groups for each user group and product profile.
* An administrative group for a product is named with the prefix `_product_admin_` and the product name. For example, `_product_admin_Photoshop`. You should avoid any logic that expects fixed group names as these are liable to change without notice.
@@ -402,11 +402,11 @@ Note that the response always reports a successful result for this action, even
}
```
-* __deleteAccount:__ _boolean_; If true then if the account is owned by the organization, the account is also deleted. Note that [Adobe IDs](glossary.md#adobeId) are never deleted because they are owned by the user, not the organization. The default value is false.
+* __deleteAccount:__ _boolean_; If true then if the account is owned by the organization, the account and any of their assets are also deleted. Note that [Adobe IDs](glossary.md#adobeId) are never deleted because they are owned by the user, not the organization. The default value is false.
Corresponding Admin Console actions:
* `"deleteAccount": false` = removing the user from the __Users__ menu
-* `"deleteAccount": true` = removing the user from the __Directory users__ menu; implies loss of account metadata and associated cloud assets
+* `"deleteAccount": true` = removing the user from the __Users__ menu AND the __Directory users__ menu. Removing users from a directory will permanently delete them and their assets. Use this feature with caution as the user and the assets cannot be recovered afterwards. Full information on removing users from a directory can be found [here](https://helpx.adobe.com/enterprise/using/manage-directory-users.html).
Sample JSON body for email based login:
diff --git a/docs/en/api/DeprecatedApis.md b/docs/en/api/DeprecatedApis.md
index ed74f2a..d8fa1ce 100644
--- a/docs/en/api/DeprecatedApis.md
+++ b/docs/en/api/DeprecatedApis.md
@@ -9,7 +9,13 @@ lang: en
# Deprecated APIs
-The following APIs have been deprecated. These APIs will continue to function but could be removed at some point in the future. Their usage is strongly discouraged. Alternatives are noted below.
+The following APIs have been deprecated. These APIs will continue to function but could be removed at some point in the future with appropriate notice. Their usage is strongly discouraged. Alternatives are noted below.
+
+**For the avoidance of doubt, all APIs provided by UMAPI, even those marked as deprecated will continue to be supported for the foreseeable future.**
+
+If it becomes apparent that any API, deprecated or otherwise, needs to be retired from service or needs updated with a breaking change, Adobe will provide at least 6 (six) months notice of the change, via UMAPI documentation (this site) and via Developer Console.
+
+Developer support will also work to make customers aware of the upcoming changes during their regular engagement.
| Deprecated | Current |
| :--- | :------ |
@@ -20,4 +26,4 @@ The following APIs have been deprecated. These APIs will continue to function bu
| [GET /v2/usermanagement/users/{orgId}/{page}/{groupName}](getUsersByGroup.md) | The `adminRoles` property is now deprecated, and administrative roles are reflected in group memberships, returned in the [`groups`](getUsersByGroup.md#ResponseProps) field. |
{:.bordertablestyle}
->Please note that some additional properties can appear in a response but should not be relied upon. Only rely on those properties that are documented in the Response Properties section for each API.
\ No newline at end of file
+>Please note that some additional properties can appear in a response but should not be relied upon. Only rely on those properties that are documented in the Response Properties section for each API.
diff --git a/docs/en/api/ErrorRef.md b/docs/en/api/ErrorRef.md
index 4862cfe..4bf2403 100644
--- a/docs/en/api/ErrorRef.md
+++ b/docs/en/api/ErrorRef.md
@@ -405,4 +405,13 @@ The possible error codes and messages are listed with their context and descript
* **error.usergroup.exceeds_maximum_member_count**
* add, remove
- * The current user count for the group exceeds the recommended size. Please refer to our [requesting help page](getsupport.html) if you would like to discuss this issue further.
+ * The current user count for the group exceeds the recommended size. Please refer to our [requesting help page](getSupport.html) if you would like to discuss this issue further.
+* **error.usergroup.readonly.update_not_allowed**
+ * update
+ * Attempting to modify a readonly group e.g. update the group name
+* **error.usergroup.readonly.add_user_not_allowed**
+ * add
+ * Attempting to add a user membership to a readonly group
+* **error.usergroup.readonly.remove_user_not_allowed**
+ * remove
+ * Attempting to remove a user membership from a readonly group
diff --git a/docs/en/api/QueryProducts.md b/docs/en/api/QueryProducts.md
index f85ed92..b27c922 100644
--- a/docs/en/api/QueryProducts.md
+++ b/docs/en/api/QueryProducts.md
@@ -8,7 +8,7 @@ title: Product Access APIs
---
# Product Access APIs
-**DEPRECATED:** These APIs have been deprecated. An exact date for removal will be confirmed before the end of 2017 but you should look to update your scripts as soon as possible.
+**DEPRECATED:** These APIs have been deprecated. Please use [Get User Groups and Product Profiles](group.md).
Feb 6, 2026: The fix from Feb 3 to correctly resolve user type as `unknown` when the account shows as "Not available" in Admin Console has been reverted due to an issue impacting User Sync Tool customers. A new date for this fix will be announced in the near future.
+Feb 3, 2026: Deployment scheduled to fix the wrong identity type showing for impacted Business IDs that lost their auth account through permanent removal in the main (domain owning) Organisation. The previous type was showing "adobeID" and now it shows "unknown". +If an extraction of users in the Admin Console is made, then the resulting csv will show the impacted accounts on the Identity type column the question mark sign, instead of one of the known identity types: Adobe ID, Federated ID, Enterprise ID. +
October 27, 2025: As previously notified, UMAPI no longer returns "tags" information for the following APIs:
+ +All references to this field have been removed from the relevant documentation.
+July 23, 2025: We've been made aware that some customers are receiving group names with a mysterious suffix, such as provisioning. Since these groups or profiles with these names don't exist in Admin Console (they were a historic construct from a previous iteration of the Adobe platform), we will ensure that we fully filter out these mystery group names. APIs that return lists of group names will be changed to return only user group and product profile names that really exist in the org.
As a best practice, it is recommended to avoid any logic that expects fixed names.
+This change will come into effect on August 26 September 23, 2025 October 28, 2025.
May 22, 2025: With the introduction of the Contract Admin role in 2024, we've been made aware that some customers are not receiving a type value from the Get User Groups and Product Profiles API. To help with consistency, we'll ensure that this scenario results in a type of CONTRACT_ADMIN_GROUP and will enhance the response with a contractName field as below:
+ {
+ "groupId": 555555555,
+ "groupName": "BCDEFA3F5A9DB8F0345B_CONTRACT_GROUP",
+ "adminGroupName": "_admin_BCDEFA3F5A9DB8F0345B_CONTRACT_GROUP",
+ "type": "CONTRACT_ADMIN_GROUP",
+ "contractName": "ETLA - BCDEFA3F5A9DB8F0345B",
+ "memberCount": 1
+ }
+
+This change will come into effect on June 3, 2025.
+May 9, 2025: With the introduction of Single App Edition 4, we've been made aware that some customers have both Single App and Single App Edition 4. To help distinguish groups for each Single App using the same infix structure introduced in May 2023, the `productName` field for the profile will be adjusted to return the "parent" product name, as in the below examples:
+Photoshop (<keyword1,Single App - Enterprise,keyword2>)Photoshop (<keyword1,Single App - Edition 4,keyword2>)If you rely on the name of the "product admin group", you will also see a change here.
+This change will come into effect on June 10, 2025.
+April 15, 2025: As of October 16, 2025, UMAPI will no longer return "tags" information as documented for the following APIs:
+ +Note that this data is likely to become stale over the coming months as the attribute is deprecated internally. If you are currently using this information, please get in touch with the developer support team to let us know your use case. Note that as this change is due to the data being retired from the Adobe platform, UMAPI will not be able to offer extensions to this time frame.
+July 22, 2024: To provide peace of mind for API integrations, all APIs provided by UMAPI, even those marked as deprecated will continue to be supported for the foreseeable future.
+If it becomes apparent that any API, deprecated or otherwise, needs to be retired from service or needs updated with a breaking change, Adobe will provide at least 6 (six) months notice of the change, via UMAPI documentation (this site) and via Developer Console banners.
+We will also endeavour to provide 4 weeks notice of any new fields that are being added to responses in order to give time to prepare. As ever, guidance is to ignore any unrecognised or unknown fields in the UMAPI response. Unless it is documented, it should not be relied upon.
+Developer support will also work to make customers aware of the upcoming removal of APIs during their regular engagement process. +
+From Jan 16th 2024, a new query parameter excludeGroups will be available in Get Users by Group to exclude the return of other group membership information for each user.
Further information and examples can be found within the API documentation.
+This does not impact existing clients.
+From July 25th 2023, a new tags property will be returned as part of a user's response in the following APIs:
If you rely on the name of the “product admin group” (e.g., _product_admin_<product name>) you will also be impacted and have to update your scripts.
You should avoid any logic that expects fixed group names as these are liable to change without notice. We recommend using the Get Groups and Profiles API to fetch the latest group information.
Since May 6th, 2023, User Management API supports OAuth Server-to-Server (S2S) workflows; The JWT one is deprecated and will be removed on 1st of January 2025. Existing integrations based on this authorization scheme will continue to work as usual until this date. Please migrate your project to use OAuth S2S before 2025. +
Since May 6th, 2023, User Management API supports OAuth Server-to-Server (S2S) workflows; The JWT one is deprecated and will stop working from the 27th of January 2025. Existing integrations based on this authorization scheme will continue to work as usual until this date. Please migrate your project to use OAuth S2S before 2025.
For User Sync Tool users, please wait for the v2.9.0 release before migrating to OAuth Server-to-Server.
On August 8th, 2022, Document Cloud product names will remove the "DC" suffix. For example, "Acrobat Pro DC" will be renamed “Acrobat Pro".