Changelog

Beginning with this release (November 14, 2024 onwards, product version 29.7.0 and later), you can find all new information about security updates for Xperience by Kentico in the form of security advisories.

Subscribe to our RSS feeds to get notified about new product features or security updates as soon as we release them.

• Are you interested only in receiving security updates? Then subscribe to our Security updates RSS feed.
• Do you want to receive all product updates, including all refresh and hotfix news? Then subsribe to our Product releases RSS feed.

Combined content selector
The content item selector form component was improved to enable the selection of web pages from content trees of website channels in addition to reusable content items from the content hub. As a result, the selector was renamed to Combined content selector. This improvement enables developers to directly access fields of selected web pages in emails and headless content.

Administration authentication improvements
The authentication functionality of the Xperience administration now provides the following features, which help increase security against brute-force attacks:

• Account lockout – temporarily blocks authentication for user accounts after a number of failed sign-in attempts. See Account lockout to learn more.
• Forbidden passwords – allows developers to configure a list of passwords that cannot be submitted when users register new accounts or reset existing passwords (even if the password otherwise fulfills password policy requirements). This prevents users from choosing common or easy-to-guess passwords.

Notifications for administration users
Notifications inform users of the administration about various events. In the current release, notifications are supported for user management events, such as invitations and password resets. These notifications replace the original code-driven approach to customizing user management emails, which allows non-developers to adjust the notification content directly in the administration through the new Notifications application.

Asset download
The Content hub application now allows editors to download files uploaded as content item assets.

Automation summary for contacts
When viewing contacts in the Contact management application, the new Automation processes tab displays a list of automation processes the contact has triggered and the current step for each process. Additionally, the three latest automation processes of a contact are displayed on the Overview tab.

Run database migrations during CI/CD restore
The CI/CD utility now supports running database migrations as part of the CI/CD database restore operation via the --enable-migrations parameter. When using this parameter, migrations don’t need to be applied using external scripts. The utility now covers all CI/CD scenarios supported by Xperience.

The update introduces the following object types, which are supported by the Continuous Integration and Continuous Deployment features. Consider updating the repository.config files of your CI/CD repositories, particularly when using the <IncludedObjectTypes> allowlist for object type filtering.

• cms.notificationemail – stores the content and configuration of system notification emails (user invitations, password reset emails, etc.).
• cms.notificationemailtemplate – stores notification email templates.

Generic provider updates

The ApplicationPermissionInfoProvider class from the CMS.Membership namespaces was made obsolete. Use the generic IInfoProvider provider instead.

Options API for administration authentication emails

The following options API related to user management emails was made obsolete:

• AdminIdentityEmailOptions.SenderAddress
• AdminIdentityEmailOptions.RegistrationEmailMessageProvider
• AdminIdentityEmailOptions.ResetPasswordEmailMessageProvider
• AdminIdentityEmailOptions.ResetMultifactorSecretKeyEmailMessageProvider

Instead, customize user management emails via the corresponding notifications, which can be configured through the new Notifications application in the administration UI.

If you have the obsolete AdminIdentityEmailOptions.SenderAddress property configured, it overrides sender addresses configured in the Notifications application. We recommend that you set the sender address for each notification email through the Notifications application, and then remove the usage of the obsolete API.

ContactInfoProvider methods

The following ContactInfoProvider methods are now obsolete:

• GetContactIDByEmail(string email) – use the GetContactInfo(string email) method instead.
• GetContactFullName(int id) – use the overload with a ContactInfo parameter instead.
• UpdateContactFromExternalData(BaseInfo source, bool allowOverwrite, int contactID) – use the overload with a ContactInfo parameter instead.

The release of version 29.6.0 marks the end of the three-month transition period to the new license key format introduced in the July Refresh – Product instance licensing changes.

All projects that update to version 29.6.0 and newer must use the new license keys exclusively.

Multi-factor authentication for the administration
The Xperience administration now supports multi-factor authentication (MFA) for users. You can enable MFA to add an extra layer of security to the administration sign-in process – users need to provide a passcode generated by an authenticator app using the Time-based One-time Password (TOTP) algorithm. See Multi-factor authentication.

Email microchannels
The system now supports the Microchannel size for email channels. Email microchannels are available in all license tiers, but have a limit of 5 emails per microchannel. This limit restricts the maximum number of email items allowed in the channel, but not how many times these emails can be sent to recipients.

You can select the channel size when creating new email channels in the Channel management application, or switch the size for existing channels that do not exceed the maximum number of allowed emails.

Mass asset upload
The Content hub application now allows users to mass upload new files and automatically convert them to content item assets of a configured content type.

Content item selector supports multiple content types
The content item selector form component now supports multiple allowed content types. You can specify multiple content types when using the selector in content type fields or as an editing component.

Retrieval of absolute URLs of pages
The IWebPageUrlRetriever interface now enables users to directly retrieve absolute URLs of web pages. The retrieved object now contains an AboluteUrl property in addition to the RelativePath property.

‘Clicked email link with URL’ condition for contact groups and automation
A new condition is available for contact groups and automation processes, which allows marketers to check if a contact has clicked a link with a specific URL within a selected email.

.NET 8 in Kentico.Xperience.Templates projects
.NET project templates installed from the Kentico.Xperience.Templates NuGet package version 29.6.0 and newer now target .NET 8 instead of .NET 6.

End of preview mode for automation
Automation, which was introduced in preview mode in refresh 29.4.0, is now released as a fully supported feature.

Excluding jQuery from Form Builder and Page Builder scripts
This release removes the dependency of Page Builder and Form Builder client-side scripts on the jQuery library. To maintain backward compatibility, users now control whether jQuery is linked on live site pages with Form Builder and Page Builder content. The behavior is configured via a new CMSBuilderScriptsIncludeJQuery setting (set using appsettings.json), which is true by default. Starting with the next major release (version 30.0.0), the setting will default to false, requiring explicit opt-in. All out-of-the-box builder features remain functional without jQuery. See Exclude jQuery from builder scripts.

jQuery will be phased out completely in one of the future major releases. For projects with custom components that rely on the library, consider disabling it in Xperience and referencing an external implementation to prevent possible issues in the future.

Detecting Page Builder read-only mode
Users now have the option to check the Page Builder mode from a retrieved IPageBuilderDataContext instance via the GetMode method. The method returns a value from the PageBuilderMode enumeration. See Establish rendering context.

Binary serialization support removed from generated Info classes
The code generator for Info classes no longer generates the following members:

• Serializable attribute annotating the class
• constructor: protected (SerializationInfo info, StreamingContext context) : base(info, context)

The support for this type of serialization is now obsolete. To remove these members from your custom classes, we recommend regenerating all Info classes after updating your project.

dotnet run --no-build -- --kxp-codegen --type "Classes" --with-provider-class False

Removed transitive dependency
The Microsoft.Extensions.Configuration.Binder package (transitive dependency) was removed from the Kentico.Xperience.Core package.

• The CMSEmailUrlDefaultScheme configuration key is now obsolete. Use the URLResolveOptions.UseSSL option instead.
• The AuthenticateUrl Razor extension method is now obsolete. Use the new ApplyPreviewContext method, which adds preview context to the URLs instead.

Vanity URLs
Editors can now configure pages to use short and human-readable vanity URLs for marketing, branding, sharing, and SEO purposes without the need for configuration in the website code. Editors can also select which URL (default system or vanity) is the canonical URL of a page.

Activity logging for email link clicks
When recipients click links in email content, the system can now log the actions as activities for individual contacts. These activities are available in addition to the anonymous email statistics that are tracked in current versions of Xperience by Kentico. Email activities allow marketers to segment contacts, personalize content, and make decisions based on the actions that your audience takes when viewing email channel content. See Track email statistics to learn more.

To ensure compliance with data protection regulations, email activity logging is not active by default. Developers need to implement logic that decides when it is possible to track email activities for specific contacts, for example based on consents.

Member registration activity logging
The system now logs the new Member registration activity when a visitor completes the member registration process. Registration activities allow you to segment your contacts, or set up automation processes for engaging with newly registered members.

For visitors who are tracked as contacts, the activity is logged for the current contact. Otherwise, the activity is logged for an existing contact matching the member’s email address. If a matching contact cannot be found, a new “untracked” contact is created for the activity (based on legitimate interest).

The system automatically maps the email address of newly registered members to the email of the corresponding contact (if the contact does not already have an email value). Developers can extend the mapping for custom member fields by implementing their own mapping service.

Automation improvements
Automation now supports a new Registration trigger type, which allows you to set up processes for engaging with contacts who register as a member.

Additionally, the Automation Builder now automatically pre-fills names for new steps based on their type, and the text displayed in steps is now fully customizable (only the exact step name is used).

Content folder moving
The Content hub application now allows editors to move content folders under a different folder, together with all subfolders and contained items.

Filtering in the content folder selector
The content folder selector UI form component now allows developers to specify which content folders are disabled for selection.

Admin UI development improvements
The UI tree in the System application was extended to display URL parameters of individual UI pages.

New SaaS deployment regions
Support for Canada East, UK West, Japan West, Australia Southeast, North Central US, and Switzerland North regions was added for SaaS deployments. See SaaS overview for a list of all available regions.

• Website content – The URL properties of web pages were moved from the Content view mode to a new URLs tab with the new vanity URL properties.
• SaaS
  • Service plans up to Level 3 now allow 2 custom domains by default. One for the apex domain (example.com) and one for the www subdomain (www.example.com).
  • All projects deployed to the SaaS environment now support both the new and old license key formats.
• Xperience Portal – You can now see additional details about your license (Xperience license tier, number of extra custom website channel domains, and the total number of available standard and microchannels) in the Service plan and license details section of the project Dashboard.

Generic provider updates

Provider classes from the CMS.OnlineMarketing and CMS.Activities namespaces were made obsolete. Use the generic IInfoProvider provider instead. Affected classes:

• CMS.OnlineMarketing.TrackedWebsiteInfoProvider

• CMS.Activities.ActivityInfoProvider

• CMS.Activities.ActivityTypeInfoProvider

Admin UI page API

• The IPageUrlGenerator service and the IPageUrlGenerator.GenerateUrl method for getting the URLs of administration UI pages were made obsolete. Use the new IPageLinkGenerator service and IPageLinkGenerator.GetPath method instead, which provide more robust URL generating in cases where new path segments are added to UI page URLs.

• The UIPage attribute with the icon parameter was made obsolete. The new UIPage attribute uses an Icon property instead.

• API members for setting URL parameter values for UI pages via a string [] array were made obsolete (for example PageConfiguration.AddEditRowAction). Use the new API which replaces the array parameter with the PageParameterValues class.

PageConfiguration.AddEditRowAction<ChildObjectEdit>(parameters:
  new PageParameterValues
    {
        { typeof(ChildObjectEditSection), ParentId }
    });

Smart folder selector attribute

When assigning the Smart folder selector UI form component to properties, the SmartFolderSelectorComponent attribute constructor with the contentTypeFilter parameter is now obsolete.

Instead, use the attribute constructor without parameters and assign the filter type into the corresponding attribute property – either AllowedContentTypeIdentifiersFilter or AllowedReusableFieldSchemaIdentifiersFilter.

[SmartFolderSelectorComponent(AllowedContentTypeIdentifiersFilter = typeof(CoffeeContentTypeFilter), Label = "Coffee smart folder", Order = 1)]
public SmartFolderReference SmartFolderWithCoffee { get; set; }

Automation
Automation allows you to set up processes that dynamically interact with your audience. Marketers design the steps within each process using a visual Automation Builder interface. In the current version, you can use automation to set up advanced email follow-ups when a form is submitted. With automation, you can send a series of multiple emails, add waiting intervals, or send different emails based on conditions.

Smart folder dynamic content delivery
Dynamic content delivery can now be enabled for smart folders. This allows developers to retrieve items matching a smart folder’s filter criteria, and gives content editors the power to control which items are delivered directly in the Content hub UI, without needing to adjust code.

Such folders can be selected using the new Smart folder selector UI form component, for example in dedicated fields of website channel pages and reusable content items, or in Page Builder widget properties. Developers can then use such fields to retrieve content items from the selected smart folder.

Smart folder cloning
New option to clone smart folders, which allows users to quickly create new smart folders with the same filter criteria as an existing folder.

Smart folder properties
Users can now view the properties of smart folders in the Content hub application. The properties include the folder’s identifiers, created and last modified timestamps, as well as other metadata.

Improved Page Builder read-only mode
Page Builder now allows you to copy widgets and sections, view widget/section properties, and browse available widget personalization variants on pages in a non-editable status (e.g., Published and Unpublished).

Last published filtering in Content hub
The Content hub listing was extended to allow editors to filter items based on their Last published date and time. This new option can also be used in the filter criteria of smart folders.

Listing filter UI improvements
When a filter is applied to a listing in the administration (and when viewing a smart folder), hovering over the filter tiles above the listing now displays information about the value set for the matching filter condition.

Public API for page permission management
The new public WebPageAclManager API allows developers to manage page permissions. The API can be useful when managing website content programmatically.

Multiple allowed email purposes for the email selector
The email selector UI form component was extended with the AllowedEmailPurposes property, which allows developers to set multiple allowed email purposes.

Generic provider updates
The following Info providers in the CMS.EmailMarketing and CMS.EmailEngine namespace were made obsolete. Use the generic IInfoProvider provider instead. This is a continuation of the effort to replace dedicated providers with the generic approach. The interfaces for these providers were made obsolete in the March 2024 Refresh.

CMS.EmailMarketing namespace:

• EmailBounceInfoProvider
• EmailTemplateContentTypeInfoProvider
• EmailConfigurationInfoProvider
• EmailChannelInfoProvider
• EmailChannelSenderInfoProvider
• EmailLinkInfoProvider
• EmailStatisticsInfoProvider
• EmailStatisticsHitsInfoProvider
• EmailTemplateInfoProvider
• EmailSubscriptionConfirmationInfoProvider
• EmailMarketingRecipientInfoProvider
• SendConfigurationInfoProvider
• RecipientListSettingsInfoProvider

CMS.EmailEngine namespace:

• AttachmentForEmailInfoProvider
• EmailAttachmentInfoProvider
• EmailInfoProvider

Stored XSS in Checkbox form component
The Checkbox component in Form Builder was vulnerable to Cross-Site-Scripting attack (XSS). To eliminate this vulnerability, support for HTML in Checkbox component was removed.

One of the features introduced by this release is usage tracking, which monitors references between content items in the system. For usage tracking to function correctly, the system needs to find and store all existing references during the update.

Before the update

The automatic update procedure is capable of handling references created using the default rich text editor and content item selector components. However, if your project uses any custom solutions for storing content item references, such as a custom URL selector, or a custom rich text inline editor, you need to follow a specific update procedure for this refresh:

1. Update the project’s NuGet packages.
2. Before updating the database, you need to implement reference extractors for any content type fields or Page Builder component properties containing references to reusable content items added via custom UI form components or inline editors.
3. Update the project’s database and file system.

If you update your project’s database before implementing the necessary reference extractors, usage tracking will report results inconsistent with the true state of your project. Contact Kentico support for assistance if you encounter any issues or perform the database update before implementing reference extractors.

After the update

After performing the update, you need to change the data type of all fields that use the Rich text editor form component to a new data type: Rich text (HTML). Using Text and Long text data types together with the Rich text editor form component is now obsolete. The Rich text (HTML) data type uses the same database representation as Text and Long text, so you can switch the data types in the Content types application. Content types with the obsolete combination of data types and Rich text editor form components display a warning on their Fields tab. Content item usage is tracked in the affected fields but this is likely to change in the future.

You can use the following code snippet to run an automatic one-time conversion of all affected fields to the new data type. Call the ConvertTextAndLongTextTypesToRichText method, for example, on application startup after initializing Kentico services.

Download data type conversion code snippets

Beginning with this release (July 25, 2024 onwards, product version 29.3.0 and later), Xperience by Kentico is introducing support for a new license key format. This change allows the system to track and inform clients about contractual violations related to product usage.

Note that changes introduced by this version primarily concern projects that plan to maintain version parity with the latest Xperience by Kentico releases. Projects running Xperience by Kentico versions lower than 29.3.0 are not retroactively affected. Such projects can continue using the current license keys until otherwise indicated or until you wish to update to a newer version.

Please carefully read the following sections to familiarize yourselves with the possible impact on your projects.

Transition period

The product is entering a three-month transition period lasting until the October 2024 Refresh release. During this period, both the current license key format (managed via the License keys application) and the new one will be active and available in the product side by side. You can seamlessly switch your projects to the new format without any downtime.

The October 2024 Refresh release will remove support for the current license key format. All projects updated to the October 2024 Refresh release or newer will need to switch to the new licenses.

Changes to license key management

The License keys application is becoming obsolete and will be removed in the October 2024 Refresh release. License keys in the new format are managed via the Settings application under System -> Licenses.

Clients can generate the new keys via Client Portal. The NEW label on the key generator buttons indicates key generators for the new license keys.

To replace your current license keys with new ones:

1. Sign in to Client Portal.
2. Under license management, generate license keys in the new format.
3. In your Xperience instance, open Settings -> System -> Licenses.
4. Insert the license key into the License key setting and save the changes.
5. Remove all obsolete license keys from the License keys application.

The new licensing model requires a single license key for each Xperience instance. You no longer need to generate a key per channel domain. Contact sales@kentico.com if you have any questions or require assistance.

License keys are no longer bound to domains

Unlike the current license key model, which requires a separate license key for each domain used by the product (e.g., for website and email channels, or domain aliases), the new license keys are not bound to individual domains. Each Xperience by Kentico instance requires only a single license key.

Product documentation

Product documentation related to licensing was updated to reflect the newly introduced approach. The documentation will contain information about both licensing models until the end of the transition period, marked by the release of the October 2024 Refresh. All information related to the old licensing process will be removed from that point onward.

Page permissions
Page permissions allow you to manage and scope permissions to website channels, specific content tree sections, and individual pages. To enable the management of permissions on a page level, the usual View, Create, Update, and Delete permissions set for a whole website channel in the Role management application were replaced by:

• Access channel and Manage permissions permissions for individual website channel applications managed in the Role management application
• Display, Read, Create, Update, and Delete page permissions managed directly from within the website channel application

To support a seamless transition to page permissions, certain roles automatically gain the following permissions after applying the update:

• Roles with the Update permission for the Role management application gain the Manage permissions permission.
• Roles with any permissions for a particular website channel application gain the Access channel permission for the application and, within it, all corresponding page permissions.

Page permissions are not included in CI/CD data. After performing a CI/CD restore operation, any moved and newly created pages inherit permissions from their new parent page.

Usage tracking
Content editors can now in content throughout the system to help them make informed decisions when editing or deleting already published content. The Usage tab is now available for all content items in the Content hub. It contains a listing of reusable items and channel items that link to the currently viewed content item using the content item selector or the rich text editor.

Channel type conversion
Headless and website channels can now be converted between microchannels and regular channels using the General tab when editing a channel in the Channel management application.

Workflow roles with control over all steps
Workflows can now be configured to have a set of roles with “full control” (in addition to roles assigned to individual workflow steps). Users in these roles can work with all steps in the workflow, and also directly publish items from any step.

Scheduled maintenance of Xperience Portal projects
To minimize the possible negative effects of on your Xperience Portal projects, you can now choose specific weekdays and timeslots during which your projects can be updated in the System → Update schedule Xperience Portal application.

SaaS US West deployment regions
Support for the West US and West US 2 regions was added for SaaS deployments.

E-commerce integration – Shopify
Allows you to connect your Shopify store with an Xperience by Kentico application using Shopify Storefront and Shopify Admin APIs. The integration provides synchronization of products and e-commerce actions between the two platforms. For more information and detailed instructions, see the Xperience by Kentico Shopify integration GitHub repository.

E-commerce integration – Kentico Xperience 13
Allows you to connect a Kentico Xperience 13 store with an Xperience by Kentico application. The integration is primarily intended to enable migration of existing Kentico Xperience 13 E-Commerce projects to Xperience by Kentico, but can also be used for other scenarios. For more information and detailed instructions, see the Xperience by Kentico - Kentico Xperience 13 E-commerce GitHub repository.

The update introduces the following object types, which are supported by the Continuous Integration and Continuous Deployment features. Consider updating the repository.config files of your CI/CD repositories, particularly when using the <IncludedObjectTypes> allowlist for object type filtering.

• cms.contentworkflowrole – stores binding relationships between workflows and roles, indicating that the role has full control for all of the workflow’s steps.

The combination of using the Rich text editor form component with Text or Long text data types in the field editor is now obsolete. If you want to use the Rich text editor form component, use the new Rich text (HTML) data type. Using Text and Long text for non-rich text fields is still valid, and the data types themselves are not obsolete.

• CMS.Base.ClassHelper – there is no alternative. The type was not intended for public use. You can use the application’s service container to dynamically load all required dependencies.
• CMS.RegisterCustomManager attribute – deprecated customization pattern. Use the decorator pattern to customize the behavior of system classes.

Smart folders in Content hub
The Content hub application was extended to support smart folders, which provide a new dynamic way to organize and filter content items. Each smart folder is based on a filtering condition, such as “items modified in the last 7 days”, “items with the Draft status”, “items with the Acme tag”, etc. The condition is evaluated dynamically, so items move in and out of smart folders as their fields and metadata change. A single content item can belong into any number of smart folders. Smart folders are also available in all content item selectors throughout the system.

Scheduled unpublishing of pages and content items
”Archive” functionality for content items, website channel pages and headless items was renamed to “Unpublish”, which better reflects the feature’s intended purpose. When unpublishing content items or pages, editors can now choose whether to unpublish immediately or schedule the unpublish to a future date and time.

Scheduling support for cascade publishing
When scheduling a content item or website channel page to be published, the cascade publishing feature now schedules linked items to be published at the same time, rather than publishing them immediately.

Microchannels
The system now supports the creation of microchannels. Microchannels can contain at most 20 content items of the specific channel type – pages for website channels and headless items for headless channels. You can select the channel size when creating new channels in the Channel management application. Microchannels are not supported for Email channels.

User interface improvements
The Email selector was extended to display the Status column in the list of emails available for selection. Additionally, any disabled emails in the selector now have tooltips explaining why the email cannot be selected.

Extended support for admin UI listing page filters
Filter models for admin UI listing pages were extended to support validation rules, visibility conditions and component state configurators. Additionally, new attributes provide the option to set the filter summary text that appears above the listing for individual filter properties, and add properties that appear in the filter UI, but do not affect the resulting filtering condition. This allows developers to create more advanced filters for UI listing pages.

SaaS East US 2 deployment region
Support for the East US 2 region was added for SaaS deployments.

• API – The WhereIn and WhereNotIn WHERE condition parameterization methods used by the content item and object query API were extended with overloads accepting IEnumerable in addition to ICollection.
• Content management – All “Archive” terminology in the administration interface and API was renamed to “Unpublish”.
• Content hub – The Authentication column was removed in the Content hub listing. Instead, a “secured” icon is displayed in the Status column for items that require authentication.
• General – The names of certain objects (taxonomies, tags, content hub folders) no longer need to be unique. This applies to “display names” that appear in the user interface. The code names of objects still must be globally unique.
• Rich text editor
  • The code view of the Rich text editor no longer highlights code syntax.
  • The inline rich text editor used in Page Builder widgets no longer displays the word counter.
• User interface – Switching between pages in the pagination UI for the listing in the Content hub application now automatically scrolls to the top of the items displayed for the page.

The update introduces the following object types, which are supported by the Continuous Integration and Continuous Deployment features. Consider updating the repository.config files of your CI/CD repositories, particularly when using the <IncludedObjectTypes> allowlist for object type filtering.

• cms.smartfolder – stores smart folders, which are used to dynamically categorize and filter items in the Content hub application.

“Archive” API
All content management API with the “Archive” keyword (e.g., IContentItemManager.TryArchive, WebPageEvents.Archive, VersionStatus.Archived) was made obsolete. Use the new replacement API with the “Unpublish” keyword.

Requests to endpoints under the /admin path returned incorrect HTTP status codes in certain cases. To improve security, the following changes were made:

• Requests to endpoints under the /admin path now return a 400 HTTP status code if anti-forgery token validation fails.
• Requests to non-existing endpoints under the /admin path now return a 404 HTTP status code.

Scheduled publishing of pages and content items
When publishing content items and website channel pages, editors can now choose whether to publish immediately or select a date and time when the publish will occur.

Time values in the administration displayed in the user’s local time zone
All time values in the administration are now automatically converted and displayed in the local time zone of each user, based on browser and environment settings. For example: 01:30 PM (GMT+02:00). Internally, time values are stored in the time zone of the server where the application is running (exactly like in previous versions of Xperience by Kentico).

‘Contact has value in field’ condition for contact groups
A new Contact has value in field condition is available for contact groups. This condition is fulfilled for contacts whose value in a selected field meets the specified requirements.

Taxonomy support for headless and email channels
Fields with the Taxonomy data type can now also be added to content types for emails and headless items.

Improved filtering in content hub, headless and email channel applications
The listing in content hub, headless and email channel applications now allows editors to filter items based on assigned tags. Additionally, the listing in email channel applications also now allows editors to filter emails based on their Status.

Content hub folder properties
Users can now view the properties of folders in the Content hub application. The properties include the folder’s ID, code name, created and last modified timestamps, as well as other metadata.

API for managing content hub folders
New public API that allows developers to manage content hub folders, and move items between folders. The API can be useful when implementing integrations or migrating content.

Improved reusable field schemas visualization on the content type ‘Fields’ tab
When editing content types on the Fields tab, reusable field schema placeholder elements now display all fields that constitute the assigned schema. Selecting the edit icon () redirects you to the editing interface for the corresponding schema.

New content item query methods for reusable field schemas
Developers can now use the LinkingSchemaField and LinkedFromSchemaField methods when parameterizing data retrieval using content item queries. LinkingSchemaField retrieves all content items that link to at least one item from the provided input collection via a reusable schema field. LinkedFromSchemaField retrieves all content items linked from a reusable schema field belonging to items from the provided input collection.

User interface improvements
The editing experience was improved with two new improvements to the administration interface:

• Editors can open a preview of pages in a new tab from the page actions menu.
• Editors can resize tree UI components throughout the system to improve navigation with multiple expanded levels (e.g., in website channel applications, the page selector, Settings application, Taxonomies application).

• Content management – The names and icons of Draft item statuses were unified across all content-related applications (Content hub as well as website, email, and headless channel applications). The status names are now Draft (Initial) for new items that haven’t been published yet, and Draft (New version) for published items with a new version that is being edited.
• Email templates – The Email templates application was moved in the administration’s application list from the Digital marketing category to Configuration.
• Forms – Form submissions are now ordered according to their submission date and time in descending order (the latest form submissions are displayed first).

Generic provider updates

Info provider interfaces in the following namespaces were replaced by the generic IInfoProvider<TInfo> provider and made obsolete:

CMS.MediaLibrary

• IMediaFileInfoProvider
• IMediaLibraryInfoProvider

CMS.DataEngine

• IQueryInfoProvider
• ISettingsCategoryInfoProvider
• ISettingsKeyInfoProvider
• ITempFileInfoProvider

CMS.EventLog

• IEventLogInfoProvider

CMS.Globalization

• ICountryInfoProvider
• IStateInfoProvider

Obsolete localization API

The following API members from the CMS.Localization namespace are not intended for public use, a were made obsolete:

• IResourceStringInfoProvider, ResourceStringInfoProvider
• ResourceStringInfo, ResourceStringInfoBase<TInfo, TInfoProviderInterface>
• IResourceTranslationInfoProvider, ResourceTranslationInfoProvider
• ResourceTranslationInfo, ResourceTranslationInfoBase<TInfo, TInfoProviderInterface>
• ISQLLocalizationSource

Obsolete publish workflow step type

The SystemPublish value in the ContentWorkflowStepType enum is now obsolete. Use the SystemFinal value instead, which represents items that are scheduled to be published.

Content hub folders
The Content hub application now allows users to create a hierarchy of folders for organizing content items. The purpose of folders is to help efficiently navigate through content items in the administration interface. However, these folders cannot be used to control content delivery or filter content on the live website.

Mass publishing in Content hub
The Content hub application now supports mass publishing of content items.

Scope content items offered by content item selector by reusable field schemas
The content item selector UI form component can now filter content items according to assigned reusable field schemas. Content item selectors configured via the field editor can now select the Allowed reusable field schema option. For model-driven forms such as widget property dialogs, implement the IReusableFieldSchemasFilter interface and assign it using the ContentItemSelectorComponent attribute. See the content item selector documentation for an example.

When retrieving fields scoped by reusable field schemas via content item query, use the OfReusableSchema parameterization.

When retrieving fields scoped by reusable field schemas via GraphQL, use inline fragments to access the properties of the underlying type. See, Retrieve headless items.

Ordering in the content item and headless item selectors
The selectors now support a drag-and-drop ordering mechanism for easily reordering linked items, preserving the selected order. Both the minimum and maximum number of selectable items can now also be set. This new feature enables a substantial change in the approach to content modeling, as you can now use reusable content items instead of pages without URLs to model strictly-ordered hierarchies, including website navigation. This new approach helps declutter the website channel content tree and promotes better reusability of your content model.

Content item code name generation API
Developers can now use the CMS.ContentEngine.IContentItemCodeNameProvider API to generate globally unique code names for content items programmatically.

Updated automapping support for reusable field schema
This update introduces the option to specify which model class a given content type referenced under a reusable field schema maps to when using IContentQueryExecutor.GetMappedResult<TModel> or IContentQueryResultMapper.Map.

// Maps content types of type 'Laptop.CONTENT_TYPE_NAME' from the collection of items
// referenced by the 'IComputer' schema to the 'Laptop' model class.
[MapContentTypeReferenceTo(Laptop.LAPTOP_CLASS_NAME, typeof(Laptop))]

// Maps content types of type 'Desktop.CONTENT_TYPE_NAME' from the collection of items
// referenced by the 'IComputer' schema to the 'Desktop' model class.
[MapContentTypeReferenceTo(Desktop.DESKTOP_CLASS_NAME, typeof(Desktop))]

// Other content types map to the 'Computer' model class
[MapReferenceTo(typeof(Computer))]

// Property representing reusable field schema references
public IEnumerable<IComputer> Computers { get; set; }

When no mapping preferences are specified, the system defaults first to the type of the property representing the reusable schema and finally to the type registered via RegisterContentTypeMappingAttribute.

Expanded reusable field schema data type support
Fields defined for reusable field schemas can now use the following data types:

• Content items – content item references (content item selector)
• Media files – media library files (media file selector)
• Object code names and global identifiers (GUIDs) – references to objects managed by the system (object selector)
• Pages – web page references (page selector)
• Taxonomy – a collection of tags that belong to taxonomies (tag selector)
• Time interval
• Unique identifier (GUID)

Expanded email data type support
Fields defined in content types for emails can now use the following data types. The data types are also supported by macros in email templates.

• Media files
• Object code names
• Object global identifiers
• Pages
• Time interval
• Unique identifier (GUID)

Create pages and folders directly in the content tree
Users can now create new pages and folders directly in the content tree of website channel applications.

• Code generators – Interfaces generated for reusable field schemas now contain the code name of the schema under the REUSABLE_FIELD_SCHEMA_NAME constant.
• Content item API
  • Web page content items retrieved via content item query now contain the identifier of their corresponding website channel in the WebPageItemWebsiteChannelId property.
  • Parts of the content item creation API (CreateContentItemParameters, CreateWebPageParameters, and CreateFolderParameters) were extended with additional overloads that no longer require the code name parameters explicitly and instead use IContentItemCodeNameProvider internally to generate one. See the reusable content item page and API examples for usage examples.

The update introduces the following object types, which are supported by the Continuous Integration and Continuous Deployment features. Consider updating the repository.config files of your CI/CD repositories, particularly when using the <IncludedObjectTypes> allowlist for object type filtering.

• cms.contentfolder – stores folders used to organize items in the Content hub application. Required for all projects to ensure that the content hub works correctly.

Regular email rescheduling permissions
In order to reschedule the sendout of regular emails in email channel applications, users must now belong to a role with the Send email permission for the given application.

Resolution: Add the Send email permission to all roles that need to be able to configure when regular emails are sent.

Content hub URLs
The URLs of administration UI pages for managing individual items in the Content hub application newly include a segment representing the location of the given item. The location value can either be the ID of the folder containing the given item (highlights the folder in the content hub tree) or the all constant (displays the item under “All content items”, is valid for all items).

URL path format: /admin/content-hub/<language>/<location>/list/<item ID>/<UI page> Example: /admin/content-hub/en/all/list/19/content

Resolution: Update any stored or hardcoded URLs targeting content item admin UI pages to include the location segment. Use the all location to preserve full backward compatibility.

If you have any admin UI customizations that generate links to content item UI pages, add the location parameter to your IPageUrlGenerator.GenerateUrl calls (the order of the URL parameters is significant). Use the ContentHubSlugs.ALL_CONTENT_ITEMS constant to generate “All content items” links, which are valid for any content item.

// Service obtained using dependency injection
private readonly IPageUrlGenerator pageUrlGenerator;

//...

pageUrlGenerator.GenerateUrl<ContentItemEdit>(languageName, ContentHubSlugs.ALL_CONTENT_ITEMS, contentItemId.ToString());

If you need to generate links that preserve the currently selected folder when linking within the Content hub application, use the PageParameter attribute to retrieve and bind the folder parameter from the URL.

[PageParameter(typeof(StringPageModelBinder), typeof(ContentHubFolder))]
public string FolderId { get; set; }

Then add the retrieved value to the GenerateUrl parameters in place of the ContentHubSlugs.ALL_CONTENT_ITEMS constant.

Certain parts of the public API could not safely be used by developers, because they contained members from .Internal namespaces, which are not allowed for public use. These inconsistencies were fixed by moving API members between .Internal and public namespaces, or in certain cases by making members obsolete.

The following list covers impactful changes for public API scenarios – members that were moved from an .Internal namespace to a public one. To resolve potential issues in your code, remove the .Internal suffix from the given namespaces in using statements.

• From CMS.Automation.Internal to CMS.Automation
  • AutomationEmail – type representing custom form autoresponder emails.
• From CMS.Base.Internal to CMS.Base
  • HttpCacheability, HttpCacheRevalidation – used by properties of CMS.Base.Routing.CMSActionResult, the base class of the system’s HTTP handler return type.
• From CMS.DataEngine.Internal to CMS.DataEngine
  • GuidItem – used as an argument of CMS.DataEngine.SqlHelper.BuildGuidTable.
  • StringItem – used as an argument of CMS.DataEngine.SqlHelper.BuildStringTable.
• From CMS.Headless.Internal to CMS.Headless
  • HeadlessTokenInfo – Info class representing headless channel API keys.
• From Kentico.Content.Web.Mvc.Internal to Kentico.Content.Web.Mvc
  • ComponentFilterRegistrar – type used in the page template and form component filtering API.
  • FormAfterSubmitModeEnum – enum type representing possible actions after a user submits a form using the Form Page Builder widget. Not used in common scenarios, but could be required for certain Form widget customizations.

Info provider interfaces in the CMS.ContactManagement namespace were replaced by the generic IInfoProvider<TInfo> provider and made obsolete.

• IAccountContactInfoProvider
• IAccountInfoProvider
• IAccountStatusInfoProvider
• IContactRoleInfoProvider
• IContactStatusInfoProvider
• IContactInfoProvider
• IVisitorToContactInfoProvider
• IContactGroupInfoProvider
• IContactGroupMemberInfoProvider

Taxonomies support

Taxonomies provide users with the option to tag content. Tags can be assigned to individual pieces of content for multiple purposes including but not limited to modeling relationships, categorization, and organization and classification of data. Example uses include:

• Administrators can create taxonomies and fill them with hierarchically structured tags.
• Content editors can add tags to pages and reusable content items.
• Developers can retrieve and display content based on tags.

Query content items without specifying content type names

In previous versions of Xperience, retrieving content items via content item query required explicitly stating the content item type as a parameter of the ForContentType method. Any implementation that relied on dynamic item selection (e.g., via selector components) often had to restrict its functionality to a predefined set of content page or resort to various workarounds due to this limitation.

This release extends content item query with options to query content items without prior knowledge of their type. The available parameterization alternatives include:

• Assigned reusable field schemas – selects items from content types with the specified reusable schema assigned. Selection can be further limited using conventional WHERE conditions.
• Content item identifiers, GUIDs, or code names (for website pages) – selects items that match the provided collection of identifiers (e.g., via the Page selector component).
• A list of content types – selects items that match the provided content type names. Doesn’t require repeated ForContentType calls.

The new querying API is available via the ForContentTypes method on ContentItemQueryBuilder. See Reference - Content item query for details.

Enhancements to content item query result mapping

The process of mapping database data returned by content item queries to objects used by the live site was updated to address the requirements introduced by the querying improvements outlined above.

The existing implementation using IContentQueryExecutor.GetResult<TModel> (GetWebPageResult for pages) requires developers to pattern-match based on content type names and assign appropriate models matching the data. This is especially noticeable when working with result sets comprised of multiple content types:

// Mapping a result set containing multiple content types
await contentQueryExecutor.GetResult<IContentItemFieldsSource>(builder, dataContainer =>
{
    // Pattern-matching to suitable model classes
    switch(dataContainer.ContentTypeName)
    {
      case Coffee.CONTENT_TYPE_NAME:
          return contentQueryResultMapper.Map<Coffee>(dataContainer);
      case Event.CONTENT_TYPE_NAME:
          return contentQueryResultMapper.Map<Event>(dataContainer);
      default:
          throw new Exception("Attempting to map an unknown type.");
    }
});

While useful for advanced use cases, this approach leads to unnecessary boilerplate code in the majority of common scenarios. It also relies on prior knowledge of content types comprising the result set.

This version update introduces new query execution API – IContentQueryExecutor.GetMappedResult<TModel> (GetMappedWebPageResult for pages). This API abstracts the mapping function present in GetResult<TModel> and directly returns saturated model classes.

For result sets comprised of a single content type, you now omit the mapping function entirely and call:

var builder = new ContentItemQueryBuilder();
builder.ForContentType(Article.CONTENT_TYPE_NAME);

// 'GetMappedWebPageResult' directly returns an enumeration of types specified by the generic parameter
IEnumerable<Article> articles =
            await contentQueryExecutor.GetMappedWebPageResult<Article>(builder);

Result sets that are comprised of two or more content types or that retrieve objects based on reusable field schemas can also omit all pattern-matching within the mapping logic and work directly with instances of the corresponding model classes:

var builder = new ContentItemQueryBuilder();
// Uses the newly introduced API to retrieve multiple content types
builder.ForContentTypes(query =>
{
    query.OfContentType(Article.CONTENT_TYPE_NAME, Blog.CONTENT_TYPE_NAME);
    query.WithContentTypeFields();
});

// Gets a mixed collection of articles and blogs.
// The 'TModel' generic in GetMappedWebPageResult must cast the result set to a type shared by all models.
// This example uses 'IContentItemFieldsSource' - implemented by all generated model classes - as the shared type.
IEnumerable<IContentItemFieldsSource> result =
        await executor.GetMappedWebPageResult<IContentItemFieldsSource>(builder);

// Gets all articles
List<Article> articles = result.OfType<Article>().ToList();
// Gets all blogs
List<Blog> blogs = result.OfType<Blog>().ToList();

The system determines which model class to instantiate for each content type based on the RegisterContentTypeMapping attribute used to annotate model classes. The attribute is, by default, present in all generated classes. Each content type can be associated with exactly one model class via the attribute. To use the GetMappedResult methods in existing projects, regenerate all model classes to ensure the attribute is present in all models.

Additionally, as part of these changes, IContentQueryResultMapper and IWebPageQueryResultMapper, used by the mapping logic within GetResult<TModel>, were unified to offer identical functionality for all content item types (reusable, pages). Going forward, we recommend using IContentQueryResultMapper for all custom mapping operations. Related scenarios covered in the documentation were updated to reflect the new recommendation.

UI form components

• You can now provide multiple dependency fields to a form component configurator, enabling you to create more complex rules and conditions for your editing components. For example:

  
    [FormComponentConfiguration(typeof(MyConfigurator),
                                new[] { nameof(FirstDependencyField),
                                        nameof(SecondDependencyField) })]
    

• Developers can now access the ContentTypeID and IsSecured properties in IWebPagePanelItemModifier implementations, making it possible to disable pages in the Page selector form component based on their content type and access privileges. For example:

  
    public class SecuredArticlePagesPanelItemModifier : IWebPagePanelItemModifier
    {
        public WebPagePanelItem Modify(WebPagePanelItem pagePanelItem, WebPagePanelItemModifierParameters itemModifierParams)
        {
            string contentTypeCodeName = DataClassInfoProvider.GetClassName(itemModifierParams.WebPageMetadata.ContentTypeID);
  
            // Disables selection of secured pages of the 'acme.article' type
            if (string.Equals(contentTypeCodeName, "acme.article", System.StringComparison.OrdinalIgnoreCase) && itemModifierParams.WebPageMetadata.IsSecured)
            {
                pagePanelItem.SelectableOption.Selectable = false;
                pagePanelItem.SelectableOption.UnselectableReason = "Cannot select secured 'acme.article' pages";
            }
  
            return pagePanelItem;
        }
    }
    

Integrations

• CRM – The Xperience by Kentico CRM integration was updated to support bi-directional synchronization between contacts in Xperience and Leads or Contacts in the connected CRM.

• MiniProfiler – New external module that integrates Xperience by Kentico applications with MiniProfiler. This integration allows developers to optimize database queries and reduce load times. For more information, see the Xperience by Kentico MiniProfiler GitHub repository.

• Tag Manager – The Xperience by Kentico Tag Manager integration was updated to provide support for the following additional code snippets:

  • Microsoft Clarity Session recordings and Heatmaps
  • VWO A/B testing
  • Intercom chatbot
  • Google Analytics 4

• Zapier – New external module that enables you to create automated workflows, or “Zaps,” that can trigger actions across different platforms based on events that occur in Xperience by Kentico. For example, you can trigger actions in Zapier when a new contact is created or a content item’s workflow step changes. In the other direction, you can set up actions in Xperience that are triggered by “Zaps” from other applications – store external data as a form submission or change the workflow step of a content item. This integration empowers users to streamline repetitive tasks, synchronize data, and improve productivity without requiring any coding knowledge. The integration is currently in preview, with full support coming soon. For more information, see the Xperience by Kentico Zapier GitHub repository.

• Content types and reusable field schemas – Improved duplicate column name detection was added to content type and reusable field schema fields. Content type field names must be unique within the content type and across all reusable field schemas. Reusable schema field names must be unique across all reusable schema and content type fields.
• Database table API – New CMS.DataEngine.Provider<TInfo> API for directly accessing IInfoProvider<TInfo> instances in code where dependency injection is not possible.
• Website development – The RoutedWebPage type was extended by a new property containing the GUID of the currently accessed page. Developers can use this data to retrieve the page and access its content fields. For example, when developing widgets or other Page Builder components, RoutedWebPage data for the current page is accessible via ComponentViewModel.Page.

The update introduces the following object types, which are supported by the Continuous Integration and Continuous Deployment features. Consider updating the repository.config files of your CI/CD repositories, particularly when using the <IncludedObjectTypes> allowlist for object type filtering.

• cms.taxonomy – stores taxonomies, i.e., collections of related tags.
• cms.tag – stores individual taxonomy tags that can be used to organize content.

Info provider interfaces in the following namespaces were replaced by the generic IInfoProvider<TInfo> provider and made obsolete.

CMS.Activities:

• IActivityInfoProvider
• IActivityTypeInfoProvider

CMS.EmailEngine:

• IAttachmentForEmailInfoProvider
• IEmailAttachmentInfoProvider
• IEmailInfoProvider

CMS.EmailMarketing:

• IEmailBounceInfoProvider
• IEmailConfigurationInfoProvider
• IEmailLinkInfoProvider
• IEmailStatisticsInfoProvider
• IEmailStatisticsHitsInfoProvider
• IEmailTemplateInfoProvider
• IEmailSubscriptionConfirmationInfoProvider
• IEmailMarketingRecipientInfoProvider
• ISendConfigurationInfoProvider
• IRecipientListSettingsInfoProvider

CMS.Modules:

• IResourceInfoProvider

CMS.OnlineForms:

• IBizFormInfoProvider
• IFormFeaturedFieldInfoProvider
• IBizFormRoleInfoProvider

CMS.OnlineMarketing:

• ITrackedWebsiteInfoProvider

Workflow

• New workflow feature that allows you to define the life cycle for pages, reusable content items, headless items and emails. Each workflow consists of one or more custom steps between the default Draft and Published steps. This helps ensure the quality of content by setting up a reviewing and approval process tailored specifically for your organization. See Workflows.

Artificial intelligence

• New AI feature for fields using the Rich text editor form component, which allows users to refine selected pieces of text (make text shorter, improve spelling and grammar, etc.).

Image file endpoint protection

• New feature that allows improved protection of the media library image file endpoint (getmedia) for requests with resize parameters. When this feature is enabled, a validation hash is required for any image file requests with resize query string parameters. This feature is enabled for new installations by default. See Image file request protection for more information.
• Note: If image endpoint protection is enabled for an existing project updated from a previous version, you need to update certain media file URLs in your content to ensure that the content is displayed correctly.

Integrations

• Azure AI Search – An external module that enables you to create Azure AI Search indexes for the content of pages from a website channel’s content tree using a code-first approach. The module is distributed as a NuGet package. For more information, see the Xperience by Kentico Azure Search GitHub repository.

• Added a unique index on the ContentItemLanguageMetadata database table that consists of:

  • ContentItemLanguageMetadataContentItemID
  • ContentItemLanguageMetadataContentLanguageID
  • ContentItemLanguageMetadataLatestVersionStatus

• SaaS environment

  • Automatic predeployment backups are now available not only for the PROD environment, but also for QA and UAT.
  • The Memory utilization alert is now triggered when the total memory usage of your deployed projects reaches 90% instead of 80%.

• Provider interfaces in the CMS.DataProtection namespace were replaced by the generic IInfoProvider<TInfo> provider and made obsolete. Affected interfaces:
  • IConsentInfoProvider
  • IConsentArchiveInfoProvider
  • IConsentAgreementInfoProvider
• Provider interfaces in the CMS.MacroEngine namespace were replaced by the generic IInfoProvider<TInfo> provider and made obsolete. Affected interfaces:
  • IMacroIdentityInfoProvider
  • IUserMacroIdentityInfoProvider
  • IMacroRuleCategoryInfoProvider
  • IMacroRuleMacroRuleCategoryInfoProvider
  • IMacroRuleInfoProvider

The System.IdentityModel.Tokens.Jwt package (transitive dependency) was updated to the latest version.

Reusable field schemas

• Reusable field schemas enable the reuse of a collection of content type fields across multiple content types. A common use case is grouping a set of functionally related fields that often need to be duplicated across content types. For example, for search engine optimization purposes or social networking. See Reusable field schemas.
• Reusable field schemas also introduce a new type of code file primitive – reusable schema interfaces. Each interface encapsulates fields defined by its corresponding schema. The code generator now supports generating these files via the --type ReusableFieldSchemas parameter. Generated content type classes implement these interfaces as needed based on the set of assigned reusable field schemas. See Generate code files for system objects.

Headless content preview

• It’s now possible to retrieve headless items in their latest available version when using an API key with the appropriate Access type.
  • Your existing API keys will be automatically converted to the Headless content - Published Access type upon applying the update.
• After setting up the Preview URL, you can now easily navigate to your preview environment straight from a headless channel application using the Preview button.

Headless tracking

• Headless tracking enables developers to track contacts and log activities for the audience of external content channels, such as mobile apps, single-page applications, etc. Xperience then serves as a central hub where you can monitor contacts and analyze activities for all connected websites and channels. See Headless tracking.

Website development

• The RoutedWebPage type was extended by new properties containing further information about the language, content type and website channel of the currently accessed page. Developers can use this data to retrieve the page and access its content fields. For example, when developing widgets or other Page Builder components, the RoutedWebPage ComponentViewModel.Page.

Content management

• The Content hub application now supports bulk deletion of content items. Select the set of content items to delete via selectors on the left-hand side of the listing.
• Image thumbnails displayed in the user interface (e.g., in asset selector, content hub) now have a chessboard pattern as a background to improve the visibility of white images with a transparent background.

Emails

• Regular emails sent to subscribed recipients now support one-click unsubscribe. The system automatically includes the List-Unsubscribe-Post and List-Unsubscribe headers in regular emails. If a recipient uses one-click unsubscribe, the resulting request is handled in the same way as a standard unsubscribe link in email content.

Admin UI customization

• UI listing pages – Listing UI pages can now be extended with commands that apply to multiple items from the listing via the PageConfiguration.MassActions property.

File system providers

• Amazon S3 – New configuration option that controls whether Amazon S3 file system mappings fall back to the original local folder if a requested file cannot be found in Amazon S3. This fallback can cause issues when deploying files using the Continuous Deployment restore process, for example during deployment to the SaaS environment. Developers can configure the option using the introduced EnableFallbackToLocalFileSystem property of AmazonStorageOptions. The default values are true for self-managed projects and false for SaaS deployments.

  C#

  Program.cs

  Copy

  
  
    using Kentico.Xperience.AmazonStorage;
  
    var builder = WebApplication.CreateBuilder(args);
  
    builder.Services.AddKentico( ... );
  
    // Disables the fallback to the local file system
    builder.Services.Configure<AmazonStorageOptions>(options => options.EnableFallbackToLocalFileSystem = false);
  
    

Integrations

• CRM – An external module (a starter kit) that simplifies the integration of Xperience by Kentico with CRM software. The module also contains two packages that directly integrate Xperience by Kentico with Microsoft Dynamics 365 Sales and Salesforce Sales Cloud CRM. The integration enables sending form submissions from Xperience to the CRM as leads and checking synchronization status in the Xperience administration. The starter kit and two integrations are distributed as NuGet packages. See the Xperience by Kentico CRM GitHub repository for details.
• Tag Manager – An external module that allows marketers and editors to author and embed custom tags or code snippets into website channels. The module supports Google Tag Manager code snippets out of the box. The module is distributed as a NuGet package. See the Xperience by Kentico Tag Manager GitHub repository for details.

Code generators

• The --type All parameter used to generate code files for all supported objects in the system is now marked obsolete. Running the code generator utility with this parameter produces a warning in the output. The parameter’s behavior remains unchanged. However, it doesn’t support generation for reusable fields schemas introduced in this release and will output invalid code in projects that make use of this new feature. Use a combination of the existing parameters to generate equivalent output.
• Code generators now provide the option to generate object type (module class) code files without the corresponding I*Provider and *Provider classes via the --with-provider-class class parameter. The parameter defaults to true – if not provided, object type classes are generated with their corresponding providers. If set to false, only the *Info class is generated. This option was added to support the use of the generic IInfoProvider<TInfo> provider class instead of dedicated providers per object type. See Info class managers.

Data types

• The Date and Long integer number data types are now available for the fields of content types for emails.

Headless channels

• Domains that are allowed for Cross-Origin Resource Sharing (CORS) by headless channel GraphQL endpoints can now be configured in the administration using the new Settings > Content > Headless > Allowed origins setting. This setting overrides allowed domains set through the CMSHeadless.CorsAllowedOrigins key in your application’s configuration file (appsettings.json by default) or the HeadlessOptions.CorsAllowedOrigins option in your project’s startup file (Program.cs). See Retrieve headless content.

Page Builder

• The Vue.js framework used in the Page and Form Builders was updated to version 3.

Xperience Portal

• The DNS record configuration of custom channel domains in Xperience Portal now supports IPv6 AAAA records for apex domains.

Headless channels

• This release introduces a production-ready version of the headless API feature. With headless channels, you can now securely retrieve content using HTTP requests and GraphQL, and consolidate your applications, services or external websites into the Xperience ecosystem.
• Headless channel management describes how to set up and configure headless channels.
• Headless content explains how to prepare and edit the content available for headless channels.
• Retrieve headless content is a developer resource dedicated to retrieving Xperience content using GraphQL.

Content management

• Cascade publishing – When publishing a page, content item, email or headless item that links to other reusable content items, the system now displays a list of all unpublished linked items. Users can select individual linked items and publish them together with the main item. See Content hub for more information.

Code generators

• Code files generated for reusable content types now implement the IContentItemFieldsSource interface. The interface can be used as the unifying type to access system fields from a collection of multiple content types, or register extension methods that are available for all generated classes. See Generate code files for system objects.

Emails

• Email templates – Added support for displaying links to pages referenced via Pages content item fields within email templates. See Email templates for more information.

SaaS environment

• A new Level 1 project tier is now available for Xperience Portal projects. See Licenses for more information about the available project tiers.
• When downloading a backup of an application’s storage and files, you can now access and download the backup via the AzCopy or Azure Storage Explorer tools instead of downloading a possibly very large zip file.
• Support for the following SaaS deployment regions was added: Germany West Central, Japan East, UAE North, Canada Central, North Europe (Ireland) and East Asia (Hong Kong).
• Xperience Portal now displays the version of the Xperience application for all deployments.

API

• Content item query – A new IncludeTotalCount parametrization method for content item query was added. The method ensures that every retrieved item stores the total number of items, regardless of pagination applied by the Offset method. The total count can be accessed by calling GetTotalCount() on any item retrieved by the query. See Reference - Content item query.
• A new interface IWebPageFolderRetriever was added to allow developers to retrieve folders from the content tree of website channels.

• CMS.IO.Directory.PrepareFilesForImport and CMS.IO.AbstractDirectory.PrepareFilesForImport – the methods were not intended for public use.

• Content types – A content type that is allowed in a channel can no longer be removed from the channel if any content items of that type already exist under the channel. Also, when updating to this version, all missing relationships between content types and channels are automatically added.

• When registering custom data types into the system, call the registration code during application startup in the OnPreInit method of a module class. This ensures that your data types are available in all situations.

General

• .NET 8 support – Xperience by Kentico version 28.0.0 fully supports project development on .NET 8.

Languages

• When creating a new language variant of a page or content item, it is now possible to copy content from an existing language variant.

Page templates

• The Preset page template feature was restored. Preset templates allow content editors to save the Page Builder configuration and content of existing pages that are based on a template. The resulting templates can then be used as a starting point for new pages.
• TemplateViewModel and TemplateViewModel<TPropertiesType> classes were introduced to allow developers to pass a custom model to the page template’s view.

Emails

• Email templates – The content types for which an email template is allowed can now be configured directly when editing individual templates in the Email templates application.

Website development

• When accessing the current page in various website development scenarios, the API now provides RoutedWebPage objects, which contain the code name of the page’s content type in addition to the page ID and language. Developers can use this data to retrieve the page and access its content fields. For example, when developing widgets or other Page Builder components, the RoutedWebPage data for the current page is accessible in ComponentViewModel.Page.

Rich text editor

• It is now possible to manually extend the set of allowed HTML attributes and tags in the Rich text editor.

Customization

• Module classes now support service resolution via IServiceProvider in initialization code, using the new OnInit(ModuleInitParameters) override. Additionally, the OnPreInit(ModuleInitParameters) override allows access to the application’s IServiceCollection, e.g., to configure the application’s startup options. See Run code on application startup.

Content modeling

• This release changes the accessibility of the Pages and Object code names data types.
  • Pages – this data type is now available when modeling web page and reusable content types, and object types (in custom modules). Fields of this data type store references to web pages.
  • Object code names – this data type is now available when modeling web page and reusable content types , custom object types (in custom modules) and when extending system object types. Fields of this data type store references to other objects in system via object code names.Note that the system doesn’t maintain the referential integrity of objects linked via these data types. Custom code must account for the referenced objects no longer existing or being otherwise invalid.

Admin UI authentication

• New ExpireTimespan property for AdminAuthenticationOptions that allows you to set the expiration period for authenticated admin UI sessions. See Administration - Forms authentication.

Admin UI customization

• Custom JavaScript modules can now be developed in SSL-enabled environments when using the Proxy mode. To enable SSL, add the UseSSL property to the module configuration in your Xperience instance. See Prepare your environment for admin development.

• The ITreeNode interface was removed. The interface was not functionally connected to any system logic. It was an accidental remainder from the switch to the new content modeling approach introduced by version 27.0.0.
• The IPageBuilderConfigurationSourceLoader and PageBuilderConfigurationSource types were moved to the Kentico.PageBuilder.Web.Mvc.Internal namespace and are not intended for public use.

The following API members were marked obsolete, to be removed in one of the future releases:

• The IRoutedWebPage and IWebPageDataContext types used when getting information about the current page are now obsolete. Use RoutedWebPage and WebPageDataContext instead.
• The ActivityLoggingAPI and ActivityLoggingScript extension methods for registering activity logging scripts in page views are now obsolete. Use the new ActivityLoggingScriptV2 method instead. The method has optional parameters that allow you to enable or disable logging scripts for page-related activities and custom activities.
• The following properties of the ObjectTypeInfo class are no longer used by the system:
  • ModuleName
  • AssemblyNameColumn
  • SizeColumn
  • MimeTypeColumn
  • ResourceIDColumn
  • DependsOnIndirectlyAfter upgrading, your custom object type classes may output warnings related to these properties. Manually remove the offending code or regenerate the affected classes using the code generator.
• The update obsoletes the following API members related to the content model used prior to version 27.0.0 and which are no longer actively used by the system:
  • FieldBase.External
  • FieldBase.IsInherited
  • IField.External
  • IField.IsInherited
  • FormCategoryInfo.IsInherited
• The following properties were made obsolete with no replacement:
  • FormFieldInfo.GetResolvedDefaultValue
  • FormFieldInfo.SetResolvedDefaultValue
  • FormInfo.AddFormCategory
  • FormInfo.CombineWithForm
  • FormInfo.EnsureDefaultValues
  • FormHelper.EnsureDefaultValues
  • FormHelper.GetOriginalFileName
  • FormHelper.GetGuidFileName

The following list covers breaking changes in frequently used API scenarios, but is not a comprehensive list of all API changes.

• Data caching
• Content item API
• DocumentEngine replaced with ContentEngine and Websites projects.
  • Use generated content type classes to access page data instead of TreeNode.
  • Use IWebPageManager to manipulate pages instead of TreeNode methods.
  • The IPageDataContextRetriever service was replaced with the IWebPageDataContextRetriever and the returned object has changed.
• Content retrieval
  • DocumentQuery and the IPageRetriever interface were removed, see Retrieve page content.
• Activities
  • The IPagesActivityLogger service used to log page activities was replaced by IWebPagesActivityLogger. The methods of the service are now asynchronous and accept different parameters.
  • The CustomActivityData type used when logging custom activities has renamed properties to match the the new data structure of pages and languages.
• Cross-site tracking
  • When configuring the cross-site tracking feature for the application, the ConsentSettings property of CrossSiteTrackingOptions now accepts an IEnumerable collection of CrossSiteTrackingConsentOptions objects instead of a single object. Add one object for every website channel where you wish to use the feature.
  • The kxt('consentdata'); function in cross-site tracking scripts now requires a languageName parameter instead of cultureCode. Set the parameter’s value to the code name of the language in which you want to load the consent texts.
• Bounced email configuration – When configuring bounced email tracking for an SMTP email client, the SoftBounceLimit property is now available in a new BouncedEmailsGlobalOptions options class instead of BouncedEmailsOptions.
• Content tree-based routing – The method for enabling the content-tree based routing feature for the application was renamed to UseWebPageRouting.
• Cookies
  • The CookieHelper class is now obsolete. To work with cookies, use the newly added, non-static ICookieAccessor. Custom cookie registration is changing as well. Custom cookies now must be registered via the CookieLevelOptions options class on application startup. See Cookies for more information.
• Forms – Forms are now global objects, so the BizFormInfo class no longer contains the FormSiteID property.
• Legacy MVC selector API

  • The following properties used by the legacy Content selector JavaScript API were renamed:

    • Page.nodeId → Page.identifier
    • Page.nodeAliasPath → Page.treePath
    • Page.nodeGuid → Page.guid

  • The following properties used by the legacy Page selector JavaScript API were renamed:

    • pageSelectorItem.nodeGuid → pageSelectorItem.webPageGuid

  • The following properties used by the legacy Page path selector JavaScript API were renamed:

    • pathSelectorItem.nodeAliasPath → pathSelectorItem.treePath
• Page templates – Properties were renamed for PageTemplateDefinition, PageTemplateFilterContext and the RegisterPageTemplate attribute.

• AdminIdentityEmailOptions.DefaultFromAddress – use the SenderAddress property on the same object instead.
• ConsentInfo.GetConsentText – use the new asynchronous ConsentInfo.GetConsentTextAsync method instead.
• Cookies
  • CMS.Helpers.CookieHelper – use Kentico.Web.Mvc.ICookieAccessor instead. See Cookies for more information.
  • CMS.Helpers.CookieLevel – use the static properties from Kentico.Web.Mvc.CookieLevel instead. For example: Kentico.Web.Mvc.CookieLevel.Essential.Level
• With the removal of DocumentQuery from the system, many supporting APIs were made obsolete with no replacement.

• Emails – Recipient lists for regular emails are no longer managed in the Contact groups application. Instead, the new Recipient lists application provides a separate management UI for this purpose.
  • To preserve functionality, the update automatically copies all permissions that existing administration user roles have for the Contact groups application, and grants them for the new Recipient lists application.
• Contact management – The Contact groups and Recipient lists applications no longer allow contacts to be manually removed from the group or list. The option to remove contacts was misleading – the contact list is recalculated automatically based on the contact group’s condition or managed by subscriptions and unsubscriptions for recipient lists.

• Settings – The System → Files category and its Generate thumbnails setting are no longer displayed in the Settings application. The setting is always enabled by default.

• Emails

  • The Sender name and Sender email properties can no longer be set immediately when creating new emails. These properties remain available in the Properties panel when editing existing emails.
  • The Properties panel of emails is now organized into two collapsible categories – General and Sender and recipients.

• Contact management – The Status column is no longer displayed in the contact listing. This column is currently not used in Xperience by Kentico.

• SendGrid integration – The system now uses a direct dependency on the SendGrid NuGet package (updated to version 9.28.1).

• PageFormSubmissionPageBase.GetFormComponents was made asynchronous and now returns Task<ICollection<IFormComponent>>. To recover from the breaking change:
  • await the method call and change the signature of the overridden method
  • pass a CancellationToken to the method call
• IContentTypeFieldsProvider.GetFields was made asynchronous and now returns Task<ICollection<IFormFieldInfo>> . To recover from the breaking change:
  • await the method call and change the signature of the overridden method
  • pass a CancellationToken to the method call
• The GetAssetPanelInitialPropertiesResult command result type used by RichTextEditorComponent was renamed to GetMultiSourceAssetPanelPropertiesResult .
  • The type’s Enabled property was renamed to AssetPanelEnabled.
• The ReviewAndSendDialog UI page was moved from the Kentico.Xperience.Admin.Base.UIPages namespace to Kentico.Xperience.Admin.DigitalMarketing.UIPages.
• The IPageManager interface, used to manage page hierarchy, was extended with an additional CheckSecurityMismatch method.

• IPageManager.Move(TreeNode, TreeNode, PageDropPlacement) - use IPageManager.Move(PageMoveParameters) instead.
• The refresh introduces changes to confirmation dialogs that can be raised by Listing and Edit UI pages (e.g., when invoking actions or saving changes).

  • The following properties from EditConfiguration were consolidated into EditConfiguration.SubmitConfiguration.

    • SubmitVisible
    • SubmitLabel
    • SubmitTooltipText

  • The following properties from EditTemplateClientProperties were consolidated into EditTemplateClientProperties.SubmitButton.

    • SubmitVisible
    • SubmitLabel
    • SubmitTooltipText

  • The following properties from Action (descriptor of interactive elements on listing UI pages) were consolidated into Action.ConfirmationDialog .

    • Confirmation
    • ConfirmationContent
    • ConfirmationDetail
    • ConfirmationButton

  • The following properties from ActionConfiguration were consolidated into ActionConfiguration.ConfirmationConfiguration.

    • Confirmation
    • ConfirmationContent
    • ConfirmationDetail
    • ConfirmationButton
• ListingPage.GetRowsFromData was extended with a cancellation token parameter. The original method signature is now obsolete.

The refresh releases removes all API marked Obsolete since version 22.0.0.

• The Froala WYSIWYG editor that provides the Rich text editor in Xperience was updated to version 4.0.17. See Froala Editor 4.0.17 for details.
• Emails – The editing interface of Regular emails now becomes read-only after the sending starts.

• Global events – When deleting objects, the system now checks for depending objects before triggering the Delete event (ObjectEvents or *Info.TYPEINFO.Events). If any depending objects exist, the event is not triggered at all.

• Application startup – IFeaturesBuilder interface members BeforeConfiguration  and AfterConfiguration were not intended to be used in custom code and were removed from the public API. Extension methods for this interface (e.g., UsePageBuilder ) are used to add types required by various Xperience features into the application’s IoC container.
• The IDataQuery interface (CMS.DataEngine) contains two new methods:
  • GetAsyncEnumerableResult
  • GetScalarResultAsync

• Emails – The CMS.EmailEngine.EmailSender class is now obsolete. Use IEmailService to send emails (see the Email queue API example).

• The UserInfo.Enabled property was fully removed, use UserInfo.UserEnabled instead.
• The following members were removed from the content management API:
  • IPageTypeFieldsProvider  – use IContentTypeFieldsProvider instead.
  • IPageTypeFieldsProviderFactory – if this interface was used as a dependency, replace usages with IContentTypeFieldsProvider directly. The additional layer of abstraction introduced by the factory was removed completely.
  • PageType – there is no alternative. Implement a custom class to replace.
  • LoadAvailablePageTypesResult – there is no alternative. Implement a custom class to replace.
  • LoadAvailablePageTypesCommandArguments – there is no alternative. Implement a custom class to replace.
• PageFormSubmissionPageBase  – the constructor now depends on IContentTypeFieldsProvider directly.
• The CMS.AspNetCore.Platform namespace was renamed to Kentico.AspNetCore.Platform (also includes all subnamespaces).

• Data types – The AllowedObjectTypes property of DataType objects is now obsolete. Use the IsAvailableForDataClass  predicate instead.

• Forms – Emails that are assigned to the autoresponder of one or more forms can no longer be deleted.
• The Froala WYSIWYG editor that provides the Rich text editor in Xperience was updated to version 4.0.15. See Froala Editor 4.0.15 for details.
• User interface – The Properties → Metadata section in the UI of the Pages application was renamed to Information.

• During application startup, the system no longer automatically adds services related to session state and cross-origin resource sharing (CORS) to the service collection. Specifically, the IServiceCollection.AddKentico call no longer includes the following:
  • AddDistributedMemoryCache
  • AddSession – if you wish to utilize session state in your code, you need to manually Configure session state (add the required services and middleware components).
  • AddCors – to avoid potential errors, remove the UseCors call from your application’s middleware components. If you wish to use CORS, you need to manually Enable Cross-Origin Requests.
• The following dependency of the Kentico.Xperience.WebApp package was updated:
  • HtmlSanitizer from version 7 . 1 . 542 to 8.0.601. The update includes several breaking changes: #365, #370
• The following dependency of the Kentico.Xperience.Core package was updated:
  • Microsoft.Data.SqlClient from version 4.1.0 to 5.0.1. The update includes potential breaking changes: Microsoft.Data.SqlClient 5.0

• The following members were removed from the membership API. There is no provided alternative.

  • Removed properties:

    • RoleInfo.RoleIsDomain
    • UserRoleInfo.ValidTo

  • Removed constants:

    • RoleName.EVERYONE
    • RoleName.AUTHENTICATED
    • RoleName.NOTAUTHENTICATED

All changes in the database structure are automatically handled by Xperience during the update procedure. This information is provided to help you prepare in case you use custom code or scripts that rely on the original database structure.

• The following database views were changed or removed:
  • View_CMS_UserRole_Joined was removed.
  • View_CMS_UserRole_MembershipRole_ValidOnly_Joined was removed.
  • The ValidTo column was removed from View_CMS_UserRoleMembershipRole.

• Content hub – A new way of working with content was added. It is now possible to create content types (formerly page types) with a field configured to select content items. These linked content items can then be retrieved using the API. You can also manage existing content items in the Content hub application.
  • Create content types with field which allow editors to link content items.
  • Model content with content items.
  • Use the API to work with the linked content items in your code.

• Email management – When creating emails in the Email templates and Emails applications, editors can specify the following new options:

  • Plain text content – Improves deliverability of emails. Some recipients may prefer plain text emails, and certain email clients only accept plain text.
  • Email preheader – The brief text that recipients see in their inbox after the email sender information and the subject line.

• Xperience Portal – SaaS deployment uptime monitoring is now available in Xperience Portal. See Uptime monitoring.

• Administration UI development
  • Properties within configuration dialogs of admin UI, Page Builder, and Form Builder components now support multiple visibility conditions.
  • Added the option to dynamically configure the state of editing components assigned to properties in admin UI, Page Builder, and Form Builder configuration dialogs. The configuration can run on the initial load of the properties dialog or when the value of another field within the dialog changes. A typical use case are selector components (drop-down, radio buttons), whose selection changes based on the value of a different property in the dialog. See Configure editing component state.

• Forms – The listing in the Forms application contains a new column indicating whether the autoresponder is enabled for each form.

• Contact groups – When viewing the contacts belonging to a contact group in the Contact groups application, users can now select contacts to open the given profile in the Contact management application.

• The Text area UI form component for the administration provides new properties that allow configuration of the area’s minimum and maximum displayed height (number of rows).

• Rich text editor – When registering Rich text editor configurations, a display name needs to be specified for the configuration.
• Field editor – Updated the names of certain field configuration options to better describe their purpose (Tooltip text and Text below the input).

Object type management and customization
Introduced a new Modules application with the following functionality:

• Support for creating and registering object types into the system. Object types contain metadata that describe the properties and behavior of database entities integrated into and leveraging certain Xperience features.
• Support for extending system object types.
• Support for entering macro expressions. Until now, macro expressions were used by the system in the background, but were not available to users. Currently, macros are usable when configuring the default values of object type fields via the Modules application.

New email management applications
New Email templates and Emails applications that allow users to prepare and edit the content of emails directly in the Xperience administration. See Emails for more information. Currently, such emails can only be used with form autoresponders.

Xperience Portal
Custom site domains and the SendGrid sender domain can now be assigned through Xperience Portal. See Domain names for SaaS deployment and SendGrid integration.

Disqus integration
Xperience offers an external module that integrates with the Disqus comment platform. The module contains a Disqus comments widget that provides the option to add a comment section to any page on your website. Disqus also offers advanced moderation tools, analytics and monetization options. The module is distributed as a NuGet package. For more information and detailed instructions, see the Xperience by Kentico Disqus Widget GitHub repository.

Code editor UI form component
New Code editor UI form component for the administration. Provides a text editing area suitable for code, with support for syntax highlighting and line numbers.

The original Emails application in the Xperience administration was renamed to Email queue. The new Emails application is now used to manage the content of emails. See Emails.

Minimal APIs support
The system now supports application configuration using minimal APIs introduced in .NET 6.

• Project templates from the Kentico.Xperience.Templates NuGet package were updated – newly created projects leverage the minimal API configuration model by default.
• The legacy configuration model with separate program entry (Program.cs) and startup files (Startup.cs by default) remains fully supported, but its use is no longer recommended. All documentation and training materials now work with minimal APIs exclusively. To migrate your codebase to the new model, follow Migrate to the new minimal hosting model in ASP.NET Core 6.0 for framework code, and Configure new projects for Xperience-related code.

Page templates

• Page templates can now be configured using custom properties.
• Pages created using page templates that contain Page Builder content (widgets, sections) can now be saved as Preset templates and reused when creating other pages. Templates prepared by the developers (added via RegisterPageTemplate) are now referred to as Default templates. See Page templates.
• When changing the Default page template of a page, users now have the option to transfer existing Page Builder content over from the current page, assuming editable areas in both the source and target template use matching identifiers. See the Implement page templates section on Page templates for Page Builder for developer documentation, and the Change templates of existing pages section on Page templates for business documentation.

Xperience Portal
The hash string salt value assigned to Xperience Portal projects is now visible in Xperience Portal, under the Project info section of the project Dashboard. Previously, hash string salts were provided by Kentico alongside Xperience Portal projects using other channels.

Administration interface
The Xperience administration now uses an appropriately-themed dialog window when notifying users about interactive events (e.g., notifications about unsaved changes), instead of each browser’s default notification system.

The following database columns were removed. This was only a cleanup on the database level – the columns were no longer used by the system. 

• CMS_Class table – ClassIsNavigationItem
• CMS_Class table – ClassIsMenuItemType
• CMS_Document table – DocumentShowInMenu