v26.2.1
Fix identity disabled error handling during self-service flows
Previously, when attempting to recover or log in as an identity that had been disabled (state set to "inactive"), Ory Kratos would return a generic unauthorized error for API and SPA clients.
Instead, Ory Kratos now adds a newly introduced UI message (with ID 4010011) to the flow's UI messages indicating the identity is disabled.
Breaking changes
For API and SPA clients, the error response when interacting with recovery and login flows for disabled identities has been changed from a generic unauthorized error to a specific error indicating that the identity is disabled. This allows clients to handle this case more gracefully.
Upgrade instructions:
- If your application already handles "invalid credentials" and other similar errors, no change will be required.
- If your application specifically checks for the previous generic unauthorized error during recovery or login flows, you will need to update your error handling logic to check for the new specific "identity disabled" error message in the UI messages of the respective flow objects.
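One way a client could implement the check described in the upgrade instructions, as an added example that is not Ory's own code. It assumes the flow body carries messages under `ui.messages` and `ui.nodes[].messages`; the helper names and the sample bodies are hypothetical and constructed for illustration.

```javascript
// Added example, not Ory's code. Message ID taken from the release notes above.
const IDENTITY_DISABLED_MESSAGE_ID = 4010011;

// Gather flow-level UI messages plus any attached to individual UI nodes.
function collectMessages(flow) {
  const ui = (flow && flow.ui) || {};
  const top = Array.isArray(ui.messages) ? ui.messages : [];
  const nodes = Array.isArray(ui.nodes) ? ui.nodes : [];
  return top.concat(nodes.flatMap((n) => (Array.isArray(n.messages) ? n.messages : [])));
}

// Hypothetical helper: classify the JSON body of a failed login/recovery submit.
function classifyFlowFailure(body) {
  const messages = collectMessages(body);
  if (messages.some((m) => Number(m.id) === IDENTITY_DISABLED_MESSAGE_ID)) {
    return "identity_disabled";
  }
  if (messages.some((m) => m.type === "error")) {
    return "flow_error"; // e.g. invalid credentials; existing handling applies
  }
  if (body && body.error) {
    return "generic_error"; // top-level error object, no flow messages attached
  }
  return "unknown";
}

// Constructed sample bodies (texts and the second message ID are illustrative only).
const disabledFlow = {
  id: "constructed-flow-1",
  ui: { nodes: [], messages: [{ id: 4010011, type: "error", text: "constructed text" }] },
};
const badPasswordFlow = {
  id: "constructed-flow-2",
  ui: { nodes: [{ messages: [{ id: 4000006, type: "error", text: "constructed text" }] }], messages: [] },
};
const genericError = { error: { code: 401, message: "constructed text" } };

console.log(classifyFlowFailure(disabledFlow));
console.log(classifyFlowFailure(badPasswordFlow));
console.log(classifyFlowFailure(genericError));
```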