zitadel/docs/docs/support/technical_advisory.mdx

---
title: Technical Advisory
---

Technical advisories are notices that report major issues with ZITADEL Self-Hosted or the ZITADEL Cloud platform that could potentially impact security or stability in production environments.
These advisories may include details about the nature of the issue, its potential impact, and recommended mitigation actions.

Users are strongly encouraged to evaluate these advisories and consider the recommended mitigation actions independently from their version upgrade schedule.
We understand that these advisories may include breaking changes, and we aim to provide clear guidance on how to address these changes.

<table>
  <tr>
    <th>Advisory</th>
    <th>Name</th>
    <th>Type</th>
    <th>Summary</th>
    <th>Affected versions</th>
    <th>Date</th>
  </tr>
  <tr>
    <td>
      <a href="./advisory/a10000">A-10000</a>
    </td>
    <td>Reusing user session</td>
    <td>Breaking Behaviour Change</td>
    <td>
      The default behavior for users logging in is to be directed to the Select
      Account Page on the Login. With the upcoming changes, users will be
      automatically authenticated when logging into a second application, as
      long as they only have one active session. No action is required on your
      part if this is the intended behavior.
    </td>
    <td>2.32.0</td>
    <td>Calendar week 32</td>
  </tr>
  <tr>
    <td>
      <a href="./advisory/a10001">A-10001</a>
    </td>
    <td>Login Policy - Allow Register</td>
    <td>Breaking Behaviour Change</td>
    <td>
      When disabling the option, users are currently not able to register
      locally and also not through an external IDP. With the upcoming change,
      the setting will only prevent local registration. Restriction to Identity
      Providers can be managed through the corresponding IDP Template. No action
      is required on your side if this is the intended behaviour or if you
      already disabled registration on your IDP.
    </td>
    <td>2.35.0</td>
    <td>Calendar week 34</td>
  </tr>
  <tr>
    <td>
      <a href="./advisory/a10002">A-10002</a>
    </td>
    <td>Console - Branding</td>
    <td>Breaking Design Change</td>
    <td>
      Since Angular Material v15 many of the UI components have been refactored
      to be based on the official Material Design Components for Web (MDC).
      These refactored components do not support dynamic styling, so in order to
      keep the library up-to-date, the console UI will loose its dynamic theming
      capability. If you need users to have your branding settings (background-,
      button-, link and text coloring) you should implement your own user
      facing UI yourself and not use ZITADELs console UI.
      ZITADEL hosted Login-UI is not affected by this change.
    </td>
    <td>TBD</td>
      <td>Calendar week 40/41</td>
  </tr>
</table>

## Subscribe to our Mailing List

If you want to stay up to date on our technical advisories, we recommend subscribing to the mailing list.
Go to <a href="https://zitadel.com/technical-advisory">the subscription form</a> and add your email address.

As ZITADEL Cloud customer, you can also login to the <a href="https://zitadel.cloud">ZITADEL Customer Portal</a> and enable the Technical Advisory <a href="https://zitadel.cloud/admin/notifications">Notifications</a> in your settings.

## Categories

### Breaking Behaviour Change

A breaking behavior change refers to a modification or update that changes the behavior of ZITADEL.
This change does not necessarily affect the APIs or any functions you are calling, so it may not require an update to your code.
However, if you rely on specific results or behaviors, they may no longer be guaranteed after the change is implemented.
Therefore, it is important to be aware of breaking behavior changes and their potential impact on your use of ZITADEL, and to take appropriate action if needed to ensure continued functionality.