Hi everyone, We are using Hydra self-hosted server and the Java SDK for our client apps. We encountered an unexpected breaking change in the API when upgrading from 2.0.2 to 2.1.1 (we first went with the server, which was the issue, but I think it would hit even harder for people using the cloud version) The server now exposes a

skip_consent

attribute in the client description JSON, which crashes the Java client when asking for a login challenge. The Java SDK has an allowlist of attributes that is used when validating the received JSON, which doesn't contain

skip_consent

until the 2.1.0 (see here). If an attribute outside of this list is provided by the server, it crashes the client. So we were running Server 2.1.1 and Java client 2.0.2 and couldn't get a login challenge at all anymore. We may have missed some key information about how to upgrade the client and server but didn't expect a breaking change in a minor version. For future reference, are minor client versions expected to be backwards compatible with older server versions?

Hello @early-noon-77493 We try to keep it backwards compatible whenever possible, but

The Ory SDK uses automated code generation by

openapi-generator

.

openapi-generator

can make changes to the generated code with each new version, which breaks backwards compatibility in some cases. As a result, Ory SDK may not be compatible with previous versions.

It is not possible for us to guarantee backwards compatibility when self-hosting Ory. It is a different thing for the managed Ory Network, which uses the same SDK more or less, but we do some extra work on the network side to ensure it stays backwards compatible.

okay, thank you for the feedback, we will be extra careful 🙂