Added two privileges for one-time-token use: a12n:one-time-token:generate and a12n-one-time-token:exchange, these both required the admin privilege. There's no bc break here as the original admin privilege still covers these new ones.
It wasn't possible to see a full principal even if a user has the a12n:principal:list privilege.
a12n:one-time-token:generateanda12n-one-time-token:exchange, these both required theadminprivilege. There's no bc break here as the originaladminprivilege still covers these new ones.a12n:principal:listprivilege.