Changelog
Shipped, in the open
Weekly releases, no silent changes. Everything that reaches production is listed here — including the security work most vendors keep quiet.
Jul 2, 2026·2026.27New
Agent grant templates
- Reusable grant templates for AI agent fleets — define scopes, ceilings, and escalation once, stamp per-agent credentials from it.
- Console: agent activity now renders as a per-principal timeline alongside human sessions.
- SDKs: @authr/nextjs 4.11 adds server-action helpers for step-up prompts.
Jun 18, 2026·2026.25
Directory Sync conflict explorer
- Attribute conflicts across multiple upstream directories now show a resolution diff before you apply, with per-rule dry-run.
- SCIM ingestion throughput up 3.2× for bursty payloads (large group PATCHes).
- New OU-scoped sync filters for staged migrations.
May 30, 2026·2026.22Security
Quarterly signing key rotation completed
- Global EdDSA signing keys rotated across all 34 regions with zero downtime — 41st consecutive zero-downtime rotation.
- JWKS propagation p99 improved to 1.9s globally.
- Published updated key-custody attestation to the trust center.
May 12, 2026·2026.19New
Policy playground snapshots
- Save and share authorization playground scenarios with your team; replay any check against any historical policy version.
- Batch check API now supports 10,000-tuple requests with partial streaming results.
Apr 21, 2026·2026.16
Session Intelligence anomaly tuning
- Impossible-travel detection now models corporate VPN egress patterns, cutting false positives 38% in beta tenants.
- Revocation fan-out latency p99 down to 640ms globally.
- Fixed: session list pagination could skip entries during live revocation storms.
Mar 27, 2026·2026.13New
Sovereign cell general availability (EU)
- EU sovereign cells now GA: EU-resident infrastructure, EU-resident support access, EU-only cryptographic custody.
- Residency attestations added to Audit Fabric export bundles.
Feb 10, 2026·2026.06New
Authr for AI Agents
- Delegated grants: scoped, expiring credentials bound to a human principal, with hard ceilings enforced at the token layer.
- Full agent attribution in Audit Fabric — every action traces to agent, grant, and human.
- Automatic escalation to a human approver when an agent requests outside its lane.
Dec 12, 2025·2025.50
Console performance overhaul
- Org search across 100k+ organizations now returns in under 80ms.
- Audit log queries stream progressively; seven-year lookbacks no longer feel like seven years.
- Dark-room mode for SOC displays (yes, really — you asked).
Nov 6, 2025·2025.45Security
Hardware-bound session tokens (beta)
- Optional device-bound refresh tokens using platform authenticators — exfiltrated tokens become unusable off-device.
- Beta open to enterprise tenants; talk to your account team.
Oct 2, 2025·2025.40New
Audit Fabric → Snowflake native share
- Zero-ETL audit event sharing into your Snowflake account, chain verification included.
- New exporter SLOs published: p99 event-to-SIEM under 4 seconds.
Older releases available in the console · release notes ship with every version

Your security review will ask about identity. Have the good answer.
Talk to an identity architect about your stack, your compliance surface, and your migration path. Technical from the first call.
Enterprise only · No self-serve tier · Typical procurement to production: 6 weeks