ShiftControl Release Notes

We’ve rolled out frontend Role-Based Access Control (RBAC) across ShiftControl! This upgrade builds on our earlier RBAC API release and brings smarter access management and a better user experience to the UI. Under the hood, this is a lot of work, as each button, screen, widget, toggle, and more checks to make sure you have the right permissions.

Check out the video and read below to see what’s new!

View Mode for Everything

Every screen where you can make changes — Users, Groups, Apps, Subscriptions — now has a dedicated View Mode. No more jumping into an edit screen just to peek at some data. It’s a smoother, cleaner way to inspect without touching anything.

Click-to-View Navigation

We’ve improved the way you navigate ShiftControl. Now, clicking the name of a user, app, or group takes you straight to its View page. This aligns with what many of you were already trying to do (we saw you clicking!) — and just feels more natural.

Meet the Read-Only Admin

You can now assign a Read-Only Admin role — perfect for finance teams, auditors, or curious co-founders who need visibility into users, apps, and subscriptions but shouldn’t be changing anything. It’s a safer way to share access, without compromising your setup.

Coming Soon: More granular roles like User Admin, App Admin, Group Admin, and beyond — so you can delegate more confidently without going full super-admin.

Check out the preview of the Read Only view for the Users, Groups, and Apps areas below!

We’ve given our app catalog a major refresh! 🎨

• New Modern Logos – All 1000+ apps now have updated, high-quality logos for a cleaner and more recognizable experience.

• Detailed App Descriptions – Get more context at a glance with descriptions for nearly every app in our catalog.

• Consistent Branding – Your employee portal now reflects these updates, and we’ve also updated your existing apps in JumpCloud with the new logos.

A more polished and informative experience, all without lifting a finger.

Managing JumpCloud admins just got simpler! Previously, you had to handle JumpCloud admin roles separately in JumpCloud itself. Now, you can seamlessly add, edit, or disable JumpCloud admins right from ShiftControl. Set roles (like Admin, Help Desk, or Read-Only), toggle API access, and even trigger onboarding emails instantly—all in one convenient place.

Watch this quick video to see it live in action!

We’ve improved user activation in ShiftControl! Previously, activating users always sent an immediate activation email. Now, you can activate user accounts ahead of their start date without notifying them right away. This lets you pre-provision accounts, schedule meetings, and set up access in advance. When you’re ready, easily send activation instructions to their company or personal email—or simply set a password directly during onboarding. Activation now fits your workflow perfectly!

Check it out in action below.

You can now easily upload custom logos for your apps! Simply click or drag-and-drop logos directly in ShiftControl, and they’ll appear instantly in your employee portal. Stay tuned—these custom logos will soon be featured in even more places!

Watch this quick demo video to see how simple it is!

Your employees can now effortlessly view and manage their Multi-Factor Authentication (MFA) devices directly in the employee portal. Whether it’s a YubiKey, an authenticator app, or built-in device authenticators (Windows Hello, Apple fingerprint), your team can rename, organize, or even remove devices seamlessly. Keeping security simple—and fully under your control.

Check out this quick video to see it in action!

You can now easily view and manage your users’ MFA factors within ShiftControl. If a user replaces their phone or encounters MFA issues, simply remove the problematic factor, and they’ll be prompted to set up MFA again at their next login. No hassle, and no downtime!

Watch this quick video to see how smoothly it works!

We’ve taken the guesswork out of authorizing your integrations! Now, when adding or updating integration authorizations, you’ll see clear, step-by-step instructions guiding you through exactly what’s needed and what screens you’ll encounter next. Whether you’re integrating Slack or another service, simply follow the instructions, approve the permissions, and voilà—you’re seamlessly connected!

Check out this quick video to see it in action!

Now, there’s no mystery when deleting groups synced with Google Workspace! When you’re about to delete a synced group, you’ll clearly see exactly what will—and won’t—happen. We explain that the group itself won’t be removed from Google Workspace, but syncing will stop. You can then confidently manage your groups without surprises!

No more clicking around to find what matters most! Now, when you edit apps and groups, the tab with active config items is front and center by default. Because let’s be honest—who actually wants to start on a tab that you’re not using? :bullseye:

We’ve added helpful links directly to confirmation alerts, letting you instantly jump back to the group or item you just edited—saving you clicks and keeping things clear!

Check it out in action below.

We’ve made dropdowns even more flexible—now you can effortlessly remove your selections by clicking “Clear selection” or the handy “X” button. Small improvement, big convenience!

Our Employee Portal and Login Pages are now fully optimized for mobile devices. Whether you’re signing in or managing your profile on the go, you’ll experience a smoother, more responsive interface—no more zooming, pinching, or frustration.

🔹 Better navigation on smaller screens

🔹 Touch-friendly design for effortless interactions

🔹 Faster load times for a seamless experience

We’re taking ShiftControl integrations to the next level! We recently announced our partnership with Workato, leveraging their powerful automation engine to accelerate how we build and deploy integrations—all while keeping customer data securely isolated in tenant-specific instances.

Now, we’ve completed the heavy lifting to seamlessly link our integrations page with Workato behind the scenes. For our customers, the experience remains familiar: you’ll still enable and manage integrations just like before, but now, when you connect an app, ShiftControl automatically links that authorization to a set of managed automation recipes.

🔥 What This Means for You

• More powerful integrations, faster – We can now build and roll out integrations at scale with deeper insights.

• Richer application data – Get metadata like subscription details, license usage, and user access to ensure your records match reality.

• Better user insights – Identify unused licenses, active admins, and unexpected access with enriched user data.

• Future-ready automation – The types of integrations we can create are virtually limitless, and we’re committed to delivering new ones frequently.

This is just the beginning—expect to see more integrations, more automation, and even better control over your SaaS stack in the coming weeks! :bullseye:

You can now connect ShiftControl to your Slack workspace! 🎉

This new integration allows ShiftControl to pull user information from Slack, helping you verify that the number of assigned Slack users matches what’s in ShiftControl. Additionally, we collect user metadata—such as identifying workspace owners and admins—which will soon be surfaced in the platform to give you deeper insights into your Slack environment.

Check out a quick demo below!

🔮 What’s Next?

This is just the beginning! In the near future, our Slack workbot will enable interactive features, such as letting users query their app assignments directly in Slack. Stay tuned as we expand its capabilities to make managing your SaaS tools even easier.

To get started, head to Integrations in ShiftControl and connect Slack today!

Managing your JumpCloud integration just got easier! If you bring your own JumpCloud, you no longer need to contact support to update your API key. You can now update it yourself directly from the ShiftControl UI—no more back-and-forth with support, just a simple and seamless update process.

We’re excited to share that our API documentation is now fully available for you. This update brings several key improvements that simplify integration and enhance your experience:

• Complete API Specs: You can now download the OpenAPI spec file to use locally with tools like Postman. This makes testing and integrating with our API more straightforward than ever.

• Interactive Online Docs: Access our API docs online to explore and test various endpoints directly. This interactive approach helps you quickly understand how to leverage our API in your workflows.

• Enhanced Documentation: We’ve updated our documentation to include details on API specs and clear guidance on managing both User and Org API keys. You can view our ShiftControl documentation for managing API keys and using the API docs here.

• Easy Access to Full Specs: The complete API Documentation and Specs are available at this link.

We’ve always believed in the power of building our frontend on the same robust APIs that we expose to our customers. From the very start, we offered both user- and org-level API key management for straightforward integration. Now, we’re excited to announce that all of our APIs are fully compatible with both frontend access tokens and these API keys.

Important Permissions Considerations

• User API Keys inherit the same permissions as the user who created them. This means any actions the user can take, the API key can take as well.

• Org API Keys function as top-level administrative keys for an entire organization, granting full access to all available resources within that org.

Documentation for the /app Endpoint

An often requested feature is comprehensive API documentation. We’re thrilled to unveil our first set of docs at https://api.shiftcontrol.io/api-docs, currently focused on the /app endpoint. We prioritized this endpoint in response to our customers’ top requests, and we’re moving quickly to cover all remaining endpoints.

Multiple Formats Available

These new docs are published in OpenAPI, Redoc, Swagger, and more, giving you flexibility to choose the format that suits your workflow best.

What’s Next

We’re actively expanding the documentation to cover all remaining endpoints, so stay tuned for updates. As always, your feedback is invaluable to us—let us know how these enhancements help you build faster and more securely.

Sometimes you may want to manage an app directly in JumpCloud, which is perfectly fine. While updating and creating app in JumpCloud was always supported, we now also detect when you’ve deleted an existing app in JumpCloud and remove the corresponding app in ShiftControl.

Note: It may take up to 5 minutes for the app to be deleted in ShiftControl.

We usually assume there’s a JumpCloud application that requires deleting when we delete an app in ShiftControl, but sometimes an admin may have deleted the app in JumpCloud and it hasn’t reflected yet in ShiftControl. Now, manually deleting the app will be successful even if there’s no underlying JumpCloud app. You can also just choose to wait for the app to be deleted automatically within 5 minutes.

While most SaaS services default to SAML, OIDC is becoming increasingly popular as an option in more services. Software development companies, in particular, often rely on OIDC for testing apps or securing internal tools behind an OIDC login mechanism. To better support these scenarios, we’ve added the capability to manage OIDC apps within our platform.

This new feature allows full configuration of OIDC app parameters, including the attributes and claims you want to send to those apps.

This enhancement simplifies app testing and internal tool access, making it easier to tie everything to your employee identity for a unified and efficient workflow!

Start exploring OIDC app support today!

We’re excited to announce a significant security and management upgrade—Role-Based Access Control (RBAC) is now live in ShiftControl!

🛠️ Admin and Employee Portals

RBAC powers our newly launched Admin Portal and Employee Portal, giving users access tailored to their roles. Admins can manage users, apps, and settings, while employees enjoy a streamlined portal to access their essential tools.

👤 Easily Manage User Roles

Admins can now assign roles directly in the User Roles section, allowing seamless promotion of users to admin status or keeping them as standard users.

You can manager roles in your Org Settings → User Roles area.

🔑 API-Ready Permissions

We’ve already laid the groundwork for fine-grained permissions at the API level, ensuring future roles will have precise access controls.

🚀 What’s Available Now:

• Admin Role: Full access to manage users, groups, and settings.

• User Role: Access to the personalized Employee Portal.

🔮 Coming Soon:

• Read-Only Access

• Finance User Role

• Custom Roles for Flexible Permissions

This update ensures your organization has the flexibility and security needed to scale. Start managing roles today and experience more control with ShiftControl!

We’re excited to announce a major update to ShiftControl—a brand-new Employee Portal designed to simplify and enhance how every employee accesses their essential tool

🔑 From Admin-Only to Everyone

ShiftControl is no longer just for admins. Now, every employee can log in and enjoy a streamlined, customizable experience that serves as the gateway to all their work applications.

📂 Your Apps, Your Way

• Reorganize app cards to prioritize your most-used tools.
• Mark Favorites to quickly access what matters most.
• Personalized Layouts that stay consistent across sessions and devices.

💡 Better Than Ever

This new experience is a major upgrade from the JumpCloud console. While both the ShiftControl Employee Portal and JumpCloud console will remain available, we believe most employees will find ShiftControl to be a more user-friendly and efficient hub for daily work.

🔮 More to Come!

We’re just getting started. Soon, you’ll see new features like:

• Org Charts for easier team visibility
• App Access Requests for smoother onboarding

We’re excited to introduce a smoother, more personalized sign-in experience for all ShiftControl users!

🔐 Streamlined SSO Login

All sign-ons are exclusively via Single Sign-On (SSO), ensuring secure and consistent access for every organization.

💾 Remember Your Email

You can now choose to save your email for your next visit, making it even easier to start your day with ShiftControl.

🔄 Seamless Workflow Integration

Once you log in, you’ll be automatically redirected to JumpCloud for authentication and then sent straight back to your ShiftControl dashboard—no extra clicks needed!

This upgrade makes ShiftControl the perfect starting point for your daily workflow.

Try it out and enjoy a faster, smarter login experience!

You can now use the "company" field in your dynamic group rules, making it easier than ever to create internal groups for your own employees. Whether you're setting up groups specifically for internal use or want to exclude contractors and other external members, adding the company field to your rules gives you greater flexibility and control.

Give it a try and see how it can simplify your group management!

You can now add important notes directly to your subscriptions in the Apps tab! Whether it's a quick reminder or critical details about a specific subscription, the new notes field makes it simple to keep track of everything in one place. No more scattered sticky notes or separate spreadsheets—just a clean, easy way to stay organized.

Give it a try and keep your subscription info at your fingertips!

You can now set your organization’s default currency in the settings, simplifying your SaaS cost tracking! This default currency will be used to automatically convert the cost of each app on your dashboard, ensuring all totals reflect your chosen currency. Additionally, it’s now easier to add new subscriptions—your default currency is pre-selected when you input cost details, making setup faster and more consistent. Update your settings to see it in action!

You can now view a consolidated summary of your SaaS spending right from your dashboard! This new card provides a clear, totalized cost of all your SaaS services, calculated based on cost type and the number of assigned users. We’ve taken care to normalize these values to your organization’s default currency (based on the latest currency exchange rates), ensuring a seamless and consistent overview of your monthly or annual expenses. Dive in to see exactly where your SaaS investments stand in real time!

ShiftControl is now available as a Progressive Web App (PWA), allowing you to experience it with the feel and convenience of a native app! PWAs are special web applications that you can install directly from your browser on supported devices, adding ShiftControl to your desktop or mobile home screen. This means faster access, offline functionality for certain features, and automatic updates—no app store required. Try installing ShiftControl as a PWA to streamline your access and enjoy a more responsive experience!

Effortless Google Workspace Sync

Now, with a simple setup in ShiftControl, you can sync groups and memberships directly to Google Workspace. Just update a group, designate its email address, and let the automatic sync take care of the rest. We’ll pull in the Group Name, Description, and members from Google, ensuring that your group information stays current and aligned across platforms without manual updates.

Get a clear overview of sync status in Group Management

To make things even easier, we’ve added a new status view in the Group Management area, showing which groups are actively synced to Google Workspace. This feature offers clear visibility and better control over which groups are integrated, so you can manage them effortlessly in one place.

You can now input and save key details about your SaaS subscriptions, including contract lengths, billing frequencies, renewal dates, grace periods, and more. With this data, ShiftControl calculates your total SaaS costs, providing full visibility into where your budget is going. This is just the start! Soon, you’ll be able to access detailed cost reports, receive renewal notifications, and get insights on when to right-size your contracts before the lock-in period. We’re also working on integrations to automatically detect and update your subscription data, keeping everything accurate and up-to-date.

We’ve added a new feature that shows a quick breakdown of your SaaS costs per app, giving you the monthly and yearly cost calculations based on the number of users and contract terms. It’s now easier than ever to understand how much you’re spending on each tool and make smarter decisions for your budget. This detailed view is a game-changer for keeping your SaaS spending under control.

We’ve given the UI a fresh, intuitive makeover while exposing more detailed information across the board. Whether you’re in user management or editing apps and groups, you’ll find more helpful hints, tooltips, and contextual information at your fingertips. You can now easily see how many groups and apps each user is assigned to and navigate smoothly through frequently used configuration tabs. Even the sidebar is smarter, offering a clear overview of statuses and item counts for every section.

User management just got a boost! You can now quickly see how many groups and apps each user is assigned to. Plus, we’ve added optional columns for departments and locations, giving you a more comprehensive view of your users. The Name and Email fields are now condensed for faster access to key info.

We’ve made it easier to get a clear view of your groups. Now, you can see at a glance how many users and apps are tied to each group. This helps validate whether your group setups match your expectations. We’ve also combined group names and descriptions for a cleaner look and improved the quick-view area for easier access to key details.

App management just got more informative! We’ve updated the user sync status icons and added key details, like how many groups are assigning the app and how many users are assigned. Hovering over the group number will reveal which groups are in use. Additionally, we’ve introduced new fields for Estimated Total Cost and Currency (Available as an optional column) as part of our new SaaS Cost Management features.

We’ve introduced powerful side panels in the user, group, and app editing areas to give you a comprehensive overview at a glance.

• User Info: See all the groups a user belongs to, including how they were assigned (dynamic rule, nested rule, or individual assignment). Also, check their app assignments and whether those assignments are via a group or direct.

• Group Info: Get a breakdown of how users are assigned to a group (dynamic rules, nested rules, or individual assignments) and see which apps are tied to that group.

• App Info: View a list of users assigned to an app and the groups responsible for assigning them.

In both the group and app editing screens, you can now instantly see how many configurations are active in each tab. For example, in a group, you’ll know you’re using 3 Dynamic Rules and 1 Individual Assignment without digging into each section.

No more second-guessing when deleting! We’ve enhanced the delete confirmation process to ensure it’s crystal clear what you’re deleting and its potential impact. For added security, we also ask you to type ‘delete’ to confirm before proceeding.

Take control of your departments and locations with our new centralized management areas. Accessible in the org settings menu, you can now easily add, rename, or remove departments and locations to maintain consistency across your organization. This ensures smooth user grouping and dynamic rules while giving you the flexibility to adjust as needed.

You can now manage departments more easily with our updated dropdown field. Previously a free text field, the department selection is now a pull-down menu available in the user edit areas and dynamic group rules. This change helps eliminate mistakes like typos or inconsistent capitalization, ensuring that dynamic rules work as expected when defining groups by department. You can also quickly add new departments directly from the dropdown, streamlining the process even further.

Alongside the department improvements, we’ve introduced a location field to user profiles, allowing you to select locations from a dropdown menu for more consistent and reliable group creation. This feature ensures uniformity in location names across dynamic group rules, making it easier to create and manage groups based on geographical locations. You can even add new locations directly from the field, simplifying user management further.