Dear Fineract Developers, As many of you are aware, the self-service functionality in Fineract has long been a subject of debate. There have been numerous discussions weighing the pros and cons of maintaining or removing this feature altogether.
What has become clear, however, is that the current implementation poses security risks. It is vulnerable and, critically, no contributors have stepped forward to actively maintain or address these issues. As a result, a decision has been made to begin deprecating the self-service functionality, with the ultimate goal of removing it entirely from the codebase. In keeping with our commitment to stability, we will approach this deprecation gradually. For the time being, self-service functionality will remain available—but with clear warnings to users. The first step has already been implemented: FINERACT-2283: Self-service APIs are disabled by default <https://github.com/apache/fineract/pull/4671> The next step will involve: Consolidating all self-service-related functionality into a dedicated self-service module, where all related logic will reside. We do not yet have a definitive timeline for this step. Once the module has been isolated, we will hold a vote to determine whether it should be completely removed or relocated to a deprecated/abandoned directory within the project. More updates to follow as this progresses. Best regards, Ádám
