ShiftControl Release Notes

You can now connect Dream Team to ShiftControl and let HR data become the single source of truth for your user management.

Why it matters

• HR data becomes your single source of truth for identity — fewer mismatches between people records and access.

• Keeps user records clean during org changes and helps avoid paying for unused JumpCloud licenses.

What we fixed vs JumpCloud’s built-in connector

• ✅ Simpler credentials — only a Dream Team access and refresh token is required (no JumpCloud super-admin API key risk).

• ✅ Full field sync — manager, department, location, and other key attributes flow through reliably without having to talk to Dream Team support.

• ✅ Save money — JumpCloud’s native Dream Team/HRIS integration creates users as soon as they’re added in the HRIS, even if they don’t start for months. We only create users 7 days before their start date, cutting unnecessary license spend.

How it works

• ShiftControl polls Dream Team hourly and compares records.

• Adds, updates, disables, and re-enables are detected automatically.

• Pre-start provisioning — 7 days before a new hire’s start date we enable the account in silent mode so Gmail, Calendar and Docs are ready without sending a welcome email.

• Automatic offboarding — accounts are disabled on the employee’s termination date to ensure smooth, secure offboarding.

Get started

1. Add the Dream Team app to ShiftControl.

2. Go to Settings → Directories → Dream Team → Enable and then Add Authorization.

3. Paste your access token and refresh token.

4. Hit Authorize — we’ll take it from there.

Enjoy cleaner user data, smoother onboarding, and tighter security with our new Dream Team HRIS integration!

We’ve added a quick way to match your screen to your mood (or your existential crisis).

Press Cmd/Win + Ctrl + T to cycle through Light, Dark, and System modes, because sometimes you want that crisp daylight productivity vibe, and other times you just want to brood in the dark.

✨ Go ahead, toggle away. We won’t judge your aesthetic choices.

We’ve made it much easier to understand how users are assigned to groups — whether through dynamic rules, nested groups, or individual assignments.

You told us it was hard to tell when someone was already added through another method, especially when cleaning up manual assignments or switching to automated rules. Now you’ll see exactly how each user is assigned, wherever you manage groups:

👥 In the group side panel

Quickly see whether a user is part of the group via dynamic, nested, or individual assignment.

⚙️ In the Individual Assignment tab

See the same indicators while managing manual assignments, so you don’t add duplicates.

🔍 In the user search dropdown

Indicators now appear directly in search results — making it easier to pick the right person and avoid confusion.

We’ve redesigned the actions menu to make it sleeker and easier to use. All actions now live in a single, compact dropdown — saving space and keeping things tidy.

Dangerous actions like Delete are clearly marked in red, while the Edit option has been neatly folded into the same menu for a cleaner look.

Simple, intuitive, and just a little more polished.

You can now tag every group in your organization to instantly understand its purpose and category.

Whether it’s a department, a shared account, or a distribution list, Group Tags help make sense of even the most complex group structures.

✨ Highlights:

• Easily view and filter groups by tag (e.g., Department, Shared Account, Distribution).

• Quickly switch views in the sidebar to see all groups of a particular type.

• Perform bulk actions — change tags or delete multiple groups at once.

• Better visibility into group purpose, helping large organizations with hundreds of groups stay organized.

This feature is especially useful for organizations managing shared or system accounts across multiple services. You’ll always know which groups are tied to automation, access, or communication lists — without guesswork.

Check out the video below to see how it works!

Admins can now create, edit, and customize Group Tags directly from Settings → Group Tags.

🪄 What you can do:

• Create custom tags with a name, color, and description.

• Edit existing tags — rename, recolor, or adjust descriptions anytime.

• Reset system tags to their defaults if you make changes.

• Maintain a consistent tagging structure across your org.

Every organization starts with a default set of tags (like Department, Location, Role Access, Shared Account), but you can expand them to match your company’s specific needs — for example, Inbound Marketing or Shops.

We’ve moved Integrations into the Settings area and renamed them to Connectors to better reflect their purpose — securely connecting ShiftControl to the apps and systems that power your business.

Connectors are now organized into two categories for clarity:

🧩 Directories

Directories include your Identity Providers and HRIS systems — the sources of truth for your user and employee data.

From here, you can manage authentication to services like Google Workspace, JumpCloud, or BambooHR.

We’ve also laid the groundwork for upcoming capabilities, including a unified view of users and groups across Google and JumpCloud, and the ability to designate a primary directory.

🔗 Apps

Apps include everything else — the SaaS tools you integrate with to sync user information in and out of ShiftControl. Use this section to manage authentication and connection status for your app connectors.

You can now jump between the Employee Portal and Admin Portal in a flash! Use ⌘/Windows + J to toggle instantly, or open the ShiftControl menu to switch portals — either in the same tab or a new one.

Sometimes it’s the little things that make a big difference ✨

We’ve made the Permissions dashboard easier to explore!

🔍 You’ll now see hover details showing how many permissions each app has — and when you click the icons, you’ll see all permissions for that app across services in one clean view.

✨ We also made it more obvious that the three-lined icon at the end is clickable (yes, that one!), so you can quickly access the full authorization list.

Little improvements, big difference in clarity.

You can now clean up and organize faster than ever! Bulk management isn’t just for users anymore — you can now manage multiple Groups and Apps at once.

🧩 For Groups, you can change tags or delete multiple at a time.

:high_voltage: For Apps, you can bulk delete to tidy up your catalog in seconds.

Perfect for those satisfying clean-up sessions where you get everything just right — and save a bunch of clicks while you’re at it.

We’ve added a powerful new Permissions Dashboard that gives administrators complete visibility into how data is shared with third-party apps and services inside Google Workspace.

Many business apps connect through Google using secure authorization flows (known as OAuth). These connections can expand over time, and without proper oversight, they create risk. The new Permissions Dashboard helps teams keep that risk in check by surfacing all connections, scopes, and user actions in one easy-to-use view.

🔍 What’s new

• Centralized permissions view – See all apps that have access to your organization’s data, who granted it, and what scopes were approved.

• Detailed scope inspection – View exactly what each app can do, like reading, sending, or deleting emails.

• User-level visibility – Identify which users have granted access to specific apps and when.

• Action history – Track authorization and revocation events over time for better auditing.

• Risk insights – Highlight apps with sensitive or restricted permissions that may need review.

⚙️ Available now

The new dashboard is live for all administrators under Reports → Permissions.

No configuration required, your connected app data is already being analyzed.

Check out the explainer below for more information.

We’ve made it easier (and nicer!) to manage your settings. Instead of being spread across different menus, everything now lives in one dedicated Settings area, accessible from the ShiftControl icon at the top left.

🎉 What’s new:

• One place for everything – All personal, org, and integration settings are now unified in a single, purpose-built view.

• Easier to navigate – The new Settings experience is cleaner, faster, and ready for even more configuration options rolling out soon.

• Better portal switching – Jump between the Admin Portal and the Employee Portal right from the ShiftControl menu. The Employee Portal now opens in a new tab by default, so admins can keep both views open without losing their place.

Check out a quick demo below!

This update makes your workspace feel more connected, more intuitive, and ready for what’s next.

You can now link Deel to ShiftControl and let your HR data drive identity and access automatically.

Why it matters

• HR data becomes your single source of truth for user lifecycle management

• Keeps records aligned during team changes and avoids wasted licenses

• Reduces risk by eliminating manual data entry

What’s different from JumpCloud’s native connector

• Easier setup – just a Deel API key, no risky super-admin API access

• Richer sync – manager, department, and other attributes flow into ShiftControl reliably

• Smarter provisioning – instead of creating users the moment they appear in Deel, we only activate accounts 7 days before the official start date, saving you on unused licenses

How it works

• ShiftControl checks Deel periodically and compares employee records

• Detects new hires, changes, terminations, and re-hires automatically

• Pre-start provisioning ensures Gmail, Calendar, and Docs are ready to go without sending early notifications

• Offboarding is automatic on the employee’s end date, ensuring security stays tight

Enjoy cleaner records, smoother onboarding, and worry-free offboarding with our new Deel integration!

We’ve refreshed the look of status icons in the User Directory to make them easier to read and more consistent across the platform. The new design helps you quickly distinguish between user states and any related actions, making the directory more scannable at a glance.

You can now connect HiBob to ShiftControl and let HR data become the single source of truth for user management.

Why it matters

• HR data becomes your single source of truth for identity

• Keeps user records clean during org changes and saves JumpCloud licenses

What we fixed vs. JumpCloud’s built-in connector

• Simpler credentials – only a HiBob service user ID and token are needed (no JumpCloud super-admin API key risk)

• Full field sync – manager and other key attributes flow through reliably

• Save money – JumpCloud’s native HiBob integration creates users as soon as they’re added in HiBob, even if they don’t start for months. We only create users 7 days before their start date, saving you unnecessary license costs.

How it works

• ShiftControl polls HiBob hourly and compares records

• Detects adds, updates, disables, and re-enables automatically

• Pre-start provisioning – 7 days before a new hire’s start date, we enable the account in silent mode so Gmail, Calendar, and Docs are ready without emailing the user

• Automatic offboarding – accounts are disabled on the employee’s termination date to ensure smooth and secure offboarding

Get started

• Add the HiBob app to ShiftControl and head to Integrations → HiBob → Add Authorization

• Paste your service user ID and service user token

• Hit Authorize – we take it from there

Enjoy cleaner user data, smoother onboarding, and tighter security with our new HiBob integration!

You can now create group emails with fewer errors and more flexibility. If your JumpCloud Cloud Directory connector is set up with a default domain or multiple domains, we’ll automatically detect them and display them in a handy dropdown, making it easier to select the right domain without typos.

We also now support syncing to multiple Google Workspace directories. If you’ve configured more than one, you can choose which directory to sync with, and the available domains shown will adjust to match that selection.

This makes managing group emails across locations and workspaces smoother and less error-prone.

You can now work with tables more comfortably. Tables automatically expand to take up the full screen, giving you more room to see your data.

When you select more rows than can fit on the screen, a scroll area is dynamically added, keeping the table header fixed at the top so you can always see column names while sorting and reviewing data.

We’ve refreshed the Subscription screen to make terms clearer and more consistent across the app. The changes include:

• Title update – Now reads: Track important aspects of your subscription costs, plans, and renewals

• Contract length → Plan duration – Better reflects the subscription terminology

• Contract time period → Duration type – Clearer description of time units (e.g., Months, Years)

• Billing frequency → Billing cycle – More intuitive naming

• Contract end date → Plan end/renewal date – Aligns with subscription plan language

• End date description update – The last day of your subscription/contract → The last/renewal day of your subscription

These changes make it easier to understand your subscription details at a glance, with more consistent wording across all fields.

We’ve upgraded how you search and select groups to match the robust experience in people fields. You can now:

• Search any group by name – Quickly find the group you need without scrolling through long lists.

• Enjoy consistent sorting – Both group and people lists are now sorted properly for easier scanning.

• Streamlined experience – Group selection works just like people selection, so it’s familiar and intuitive.

Finding and assigning groups or people is now faster, easier, and more consistent.

What it does

You can now zero in on exactly the users you need, instantly.

Filter options

• Active – see everyone currently able to log in

• Disabled – hunt down disabled accounts for cleanup or review

• Staged – spot pending accounts that haven’t been enabled yet

• Scheduled Action – view users queued for future activation or deactivation

Why you’ll love it

• Faster audits and bulk actions

• Fewer clicks when handling onboarding, off-boarding, or access reviews

• A cleaner, more focused Manage Users view every time you open the page

Jump into Users in the menu, pick a state from the dropdown, and work with just the slice of your roster that matters right now.

You can now connect BambooHR to ShiftControl and let HR data become the single source of truth for user management.

Why it matters

• HR data becomes your single source of truth for identity

• Keeps user records clean during org changes and saves JumpCloud licenses

What we fixed vs. JumpCloud’s built-in connector

• Full field sync – manager and other key attributes now flow through

• Scoped credentials – supply ShiftControl with a limited BambooHR API key (no JumpCloud super-admin API key required to be shared with BambooHR)

• Save money - The native JumpCloud integration creates a staged user for new emloyees before their start date, costing you license fees. We create the users only when actually needed!

How it works

• ShiftControl polls BambooHR hourly and compares records

• Detects adds, updates, disables, and re-enables automatically

• Pre-start provisioning – 5 days before a new hire’s start date, we enable the account (silent-mode) so Gmail, Calendar, and Docs are ready without emailing the user

Get started

1. Add the BambooHR app to ShiftControl and head to Integrations → BambooHR and Add Authorization

2. Paste your scoped BambooHR API key

3. Enter your BambooHR domain

4. Hit Authorize – we take it from there

Enjoy cleaner user data, smoother onboarding, and tighter security with our new BambooHR integration!

You can now connect OmniHR to ShiftControl and let HR data become the single source of truth for user management.

Why it matters

• Turns OmniHR into a single source of truth for identities—no more manual spreadsheet uploads

• Fills a major gap: OmniHR ships no native IdP connectors, so ShiftControl delivers the first seamless path from HR to downstream apps for our many Asia-based customers

What’s new

• Full-field sync – manager, department, start date, and every other key attribute flow straight into ShiftControl

• Sync at will - Don’t want to wait for the hourly update, simply go to the actions menu for the integrations and click “Refresh data” to start a new sync

How it works

• ShiftControl polls OmniHR hourly to spot new hires, role changes, and departures

• Pre-start provisioning – five days before a new hire’s start date we silently enable the account so Gmail, Calendar, and Docs are ready without sending the welcome email or burning a staged-user license

• Automatic disable / re-enable keeps your roster accurate and compliant

Get started

1. Add the OmniHR app to ShiftControl and head to Integrations → OmniHR and Add Authorization

2. Enter the following lightweight credentials:

   • Username & Password – an OmniHR account with read access

   • OmniHR Domain – e.g., acme.omnihr.co

   • Custom Report ID – the report that exposes your employee fields

3. Click Authorize - we secure the credentials in our secret store and handle the sync from there

Enjoy hands-off user management, smoother onboarding, and a tighter security posture with the new OmniHR integration!

Need to tidy up an org—or quickly handle big changes like layoffs or seasonal off-boarding? You can now select multiple users and hit Delete from the Bulk Actions menu to remove them all at once. It’s a small quality-of-life boost that makes large-scale clean-ups faster, simpler, and a lot less click-heavy.

Need to bring a batch of previously disabled accounts back online after a temporary freeze or cleanup? You can now re-enable multiple users in one swift move! Simply select the disabled accounts and hit Enable in the Bulk Actions menu. It’s a speedy quality-of-life upgrade that gets everyone back to work without the click marathon.

The header checkbox now selects only the rows that match your current filters instead of every row in the table.

• No more accidental bulk actions on hidden data.

• Cleaner, safer workflows when you’re drilling into subsets of users, assets, or records.

Try it out

Filter any table, hit the header checkbox, and enjoy precise multi-row actions that match exactly what you see.

Understanding who has access to what is only half the battle, knowing how much you’re spending on your SaaS stack (and where that spend actually lands) is just as critical. Our new App Spend Intelligence Dashboard gives you a clear, actionable view into your SaaS costs. making it easier to spot trends, cut waste, and stay on top of renewals.

Whether you’re responsible for budgets, renewals, or just trying to wrangle sprawling SaaS usage across departments, this dashboard has you covered.

Here’s what you can do with it:

🧮 See your SaaS at a glance

View your total number of apps, active users, annual vs monthly costs, and the average cost per active user, instantly.

📊 Break down spend by ownership and usage

See how SaaS costs are assigned (who owns the budget) vs. how they’re actually consumed across departments. Great for untangling shared usage and internal chargebacks.

📆 Stay ahead of upcoming renewals

Get a forward-looking view of contract renewals so you can take action before you’re auto-renewed into another year of spend.

💡 Catch easy savings

See which of your top monthly spend apps could be converted to annual plans, complete with savings estimates.

📈 Spot your top dollar burners

Quickly identify the apps eating the biggest portion of your budget across your entire stack.

🚩 Fill in missing data

We’ll flag apps that don’t have subscription information so you can plug the gaps and make smarter decisions.

🧍 Find high-cost users

Get a ranked list of users with above-average SaaS cost so you can better manage licenses and entitlements.

💱 Convert everything to a currency that makes sense

Even if your contracts span multiple countries and currencies, you can now unify them under a single reporting currency for easy tracking and comparisons.

Check out the demo below!

Keeping tabs on reporting lines shouldn’t require a spreadsheet. With today’s release you can open a live, interactive org chart that shows your orgs users in real time.

What you can do

• See every relationship - The chart is based on the updated information in ShiftControl you always view the latest structure.

• Zoom through teams - Drag, pan, and zoom to explore from exec level down to interns.

• Go full screen - Org charts need space, easily maximize to present it or take up all your screen real estate

Why you’ll love it

Understanding how people connect drives faster approvals, smoother access reviews, and fewer “who reports to who?” moments. The ShiftControl Org Chart keeps itself up-to-date, so you can focus on work instead of diagrams.

Where to start

Org charts are available to all employees in the employee portal in the navigation sidebar. You can turn org charts off and on for your organization in your organizatio settings by going to the gear menu at the top right as an admin and going to settings.

Check out the video below for a demo!