Upgrading from 10.6.X to 10.7.0#
Added missing button HTML classes#
Some templates did not include the base button HTML class for submit buttons, which is necessary for consistent button styling. This has been fixed.
Templates affected:
authenticator/html-form/create-account/post
Database Changes#
No mandatory changes are included in this release. However, the new feature Database Service Providers requires running the relevant SQL script in the $IDSVR_INSTALL/misc/upgrade/10.6-to-10.7/ directory, which creates a new SQL Table for storing Database Service Providers.
If you use a JDBC Data Source, it is recommended that you run the script even if you do not currently plan to use Database Service Providers, so that if the feature is ever required, the necessary table will already exist.
Preparing for version 11.0.0#
This section contains important remarks in preparation for the upcoming 11.0.0 major release, scheduled for February 2026.
JDBC Data Source - End of support for deprecated credential storage schema and related credential modes#
Summary:
In version 11.0.0 it will be required to store credentials in the credentials table.
The credentials-in-accounts-table and credentials-migration credential modes will no longer be supported.
The standard credentials mode will be the only supported mode. If this mode is already being used, no action is needed.
In version 9.0.0 of the Curity Identity Server a new credentials table was introduced to store credentials separately
from accounts, and credential modes were added to support the previous
database structure as well as transitioning to the new one.
In version 10.0.0 the older database schema - where passwords were stored in the accounts table -
was deprecated. The corresponding credentials-in-accounts-table and credentials-migration credential modes were
also deprecated.
In the upcoming 11.0.0 release the older database schema will no longer be supported. Also, support for the credentials-in-accounts-table
and credentials-migration credential modes will be dropped.
Any JDBC data source still using the old credentials schema/modes must be upgraded and configured with standard
credentials mode before upgrading the server to version 11.0.0.
Refer to the upgrade guide for version 9.0.0 for details on how to upgrade the database schema.
If you’re still depending on any of the options only available in the deprecated credential modes (namely credential-query
and custom-query-verifies-password), please contact support.
SDK - Removal of the CredentialDataAccessProvider interface#
The changes mentioned in this section are meant for authors of data access plugins, namely when implementing support for
Credential Data Access using the CredentialDataAccessProvider interface.
The deprecated CredentialDataAccessProvider interface will be removed in version 11.0.0.
The corresponding getCredentialDataAccessProvider method in the DataAccessProviderPluginDescriptor interface will also be removed.
Any data access plugin implementing that interface should be updated to implement one of the subtypes of the CredentialManagementDataAccessProvider
interface before upgrading the server to version 11.0.0.
Refer to the upgrade guide for version 10.0.0 for details on how to update such plugins.
SDK - Removal of the CredentialManager interface#
The deprecated CredentialManager service interface will be removed in version 11.0.0. The related CredentialManagerException class will also be removed.
Any plugins using the CredentialManager service in their configuration type should be updated to use CredentialVerifier or UserCredentialManager before upgrading the server to version 11.0.0.
Usages of the verifyPassword/verifyCredentials methods on CredentialManager should be replaced by the verify method on CredentialVerifier/UserCredentialManager.
This method returns a result type which can be either Accepted or Rejected, indicating the outcome of the verification.
Usages of the updatePassword method on CredentialManager should be replaced by the update method on UserCredentialManager.
This method returns a result type which can be either Accepted or Rejected, indicating the outcome of the update operation.
Note that, unlike the CredentialManager interface, exceptions are not used to report failures, so callers must explicitly check the result object.
Changes to UI Builder#
In version 11.0.0, the UI Builder will no longer be bundled with the server package. Instead, it will be available in a new public GitHub repository, which will be the one-stop location for all frontend-related development and customization. It will still be possible to customize templates, messages, styles, etc., and build the output to be deployed to the server, as with the current UI Builder.
As part of this change, there will be a technical overhaul of the builder and related tooling. Namely, Sass will no longer be used for style-sheets; vanilla CSS is used instead.