New Expense Integration: Certinia 💳
Torii now integrates with Certinia to bring in expense data. The integration syncs payable-invoice expense line items, giving better visibility into software spend.
Read more here
Torii now integrates with Certinia to bring in expense data. The integration syncs payable-invoice expense line items, giving better visibility into software spend.
Read more here
The Help menu (top-right dropdown) now includes a direct link to the Onboarding Portal.
Customers can now connect Windsurf to Torii to sync their organization's members, roles, and license assignments directly into the platform. This gives teams full visibility into who has access to Windsurf's AI coding tools and how seats are allocated.
Read more here
Merge Users is fully felxible!
You can now merge users who share the same value in any single-value field from any connected app — beyond the existing Google Workspace and Microsoft Entra ID options. Pick an app, pick a field (e.g. a SailPoint Workforce ID), and Torii consolidates all users matching on that value into one.
You can find Merge Users under Settings → Users & Employees → Merge users
Every date custom field on applications, users, and contracts now exposes an (ISO format) token variant that returns a machine-readable ISO 8601 value (e.g. 2022-11-21), alongside the existing human-readable token. Drop it directly into downstream API calls or date comparisons — no conversion needed. Existing workflow tokens are unchanged, so all configured workflows continue to work.
The @ token picker now opens correctly after punctuation characters, not just spaces or at the start of a field.
Merge Branch lets you connect the end of an If/Else branch into a shared next action, so multiple branches converge on one step instead of duplicating that step in each branch.
Read more here
Reviewers can now hand off specific users in an access review to the person who knows their access best — without redoing the whole review. You now can:
Users can now complete all pending offboarding tasks in one click on the Offboarding Tasks page.
We've added an Actions Taken column to the Access Governance Policy Deviations page, which shows exactly what was done for each deviation, with direct links to the workflow execution and/or task opened. You can also group dashboards by Actions Taken for a quick breakdown. Daily policy deviation digest emails now surface how many remediation tasks were assigned to app owners and how many automatic actions Torii took in the past day or week.
Contracts now stay automatically up to date as they change in your integrated systems — no more stale data after a contract is created.
Browser extension settings are now more powerful and programmable.
Read more here
Employees can now see and complete their pending offboarding tasks directly in the Employee Portal — no more relying solely on email reminders and one-off links.
Torq is now available as an integration in Torii. Connect Torq to sync user data directly into the platform and simplify identity and access management.
Read more here
Connect Snyk to Torii to sync user data directly into the platform, giving IT and Security teams better visibility into Snyk users and simplified user lifecycle management.
Read more here
Admins can now view access review results directly in Torii without downloading a file. After a review is completed, click View report from the Access Reviews table to open a dedicated report page.
Customers can now connect Jasper to Torii and sync their workspace users.
Read more here
Access review recommendations are now powered by access policy deviations, suggesting to approve or reject access based on policy rules. Recommendation reasons are enriched with context about the type of access and why it was approved or rejected.
Approvers can now include an optional reason when declining an approval request, giving requesters clear context on the decision.
[Action Create task - Approval request: Declined-reason] for follow-up actionsYou can now sort any table by more than one column at a time using the new Sort button. Add multiple sort conditions, stacked one below the other
Runbook actions can now be used with the Microsoft Entra ID App Registration (App-only authentication) method, enabling more automation without requiring an admin sign-in. Note: one additional setup step is required — see the updated guide for details.
Read more here
Automatic Remediation is now available for governance policies! By selecting this option, Torii can now auto-fix discovered governance deviations so that you're always secure and that correct access is always provided. Feature highlights:
With this, Access Governance has graduated from Labs and is now available by default to all customers with the Torii Identity module.
User search and app-owner assignment now surface the most relevant people first.
Microsoft Intune integration now supports App Registration (App-only authentication) as an alternative to the existing Admin User (OAuth sign-in) method, so no interactive admin sign-in is required during setup or sync.
Read more here
You can now filter the third-party apps list on the Risk Mitigation page to focus on what matters most. Filter by Name, State, URL, Number of Users, or Risk Level. Filter selections persist across sessions, making it easy to dismiss noise and track only the apps you care about.
Microsoft Teams integration now supports App Registration (App-only authentication) as an alternative to the existing Admin User (OAuth sign-in) method, so no interactive admin sign-in is required during setup or sync. All standard actions are supported except Change user password and the deprecated "send as the signed-in user" actions.
Read more here
You can now duplicate workflow actions with a single click, making it faster to build similar actions without starting from scratch.
Customers can now delete applications from Torii. Hide has also moved out of the State dropdown into a new Remove menu, so Hide and Delete live together in one place.
You can now filter any text field by prefix or suffix, not just contains. The two new operators appear across user, app, and contract filters, workflow If/Else branches, and more — covering free-text, name, text, and long-text field types.
The App Catalog workflow editor now displays whether a provisioning workflow is linked to an Access Request Policy and which policy it is connected to, giving admins clearer visibility into the impact of workflow changes.
Orgs now get a ready-made Access Requests Dashboard out of the box, providing a single view into the health of your access request flow with no setup required. Available for orgs with the App Access Catalog feature enabled.
Microsoft 365 now supports App Registration (App-only authentication) as an alternative connection method, eliminating the need for an interactive admin sign-in during setup or sync. All standard actions are supported except Change user password.
Read more here
You can now use the Country (last login) field as a filter condition in the User Meet Criteria trigger and as a Personalization Token in workflows.
Customers can now connect n8n to Torii and sync their users — including roles (Owner / Admin / Member) and status — directly into the platform. This gives teams visibility into who has access to their n8n automation workflows across both n8n Cloud and self-hosted instances.
Read more here
Customers on Retool Enterprise plans can now connect Retool to Torii to sync user data and automate access management. The integration fetches Status, Role, Last Visit Time, and Groups, and includes four user actions:
Read more here
Customers can now connect Thinkific to Torii with support for 2 new user actions:
Read more here
The Licenses tile on the app page now shows a per-license-type breakdown on hover.
The Closed app in use workflow trigger can now be scoped to fire only when usage is detected by specific usage sources.
Expanded application rows on the Licenses page now sort license-type rows consistently: by Total licenses (highest first), with License name (A→Z) as a tiebreaker.
Factorial HR is now available as an HRMS integration in Torii. Connect Factorial HR to sync employee data directly into the platform for better workforce visibility across your organization.
Read more here
You can now discover, evaluate, and trigger Access Profile requests programmatically via the Torii Public API and as MCP tools — no UI required. Four endpoints are available:
Eligibility is enforced end-to-end and all calls are scoped to your API key's org. Requesting access on a user's behalf requires App Catalog write scope.
Available only in App Access Catalog Labs feature.
Click here for more details
Employees can now discover and request app access directly from Slack — without leaving the tools they use every day.
With Torii's new Slack Agent, employees can interact with the App Catalog through a simple conversational experience, making access requests faster and reducing friction across the organization:
Requires the Slack integration connected in Torii and the New App Access Catalog labs feature enabled. Install via App Catalog → Settings → Slack agent.
Click here for more details
The Transactions API is now publicly available, allowing transaction data to be read directly via the Torii API. This is also supported on the Torii MCP, enabling users to retrieve and analyze expense information through chat. Read more here
In addition to groups created in Torii, you can now select any IdP group as the eligible group when building access policy rules in the Access Governance page, and in access request policies in the App Catalog.
Supported identity providers include Okta, Entra ID, Google Workspace, OneLogin, JumpCloud, and PingOne.
Building custom integrations just got dramatically easier. Provide an application name — and optionally any API docs, endpoints, or auth details — and the AI Integration Builder will automatically research the app, analyze available APIs, and generate the integration configuration for you.
You can now set a Primary app owner and Additional app owners directly from the Update application field workflow action. Two ways to pick the owner:
For Additional app owners, you can append to or overwrite the existing owner list.
Customers can now connect Clockify to Torii and sync their workspace members.
Read more here
Customers can now connect Toggl to Torii and sync their organization users.
Read more here
Customers can now connect Elastic Cloud to Torii and sync their organization members.
Read more here
The Gong integration now supports two new workflow actions for automating user lifecycle management:
To use these actions, provide a SCIM Provisioning Token in the integration settings. Read more here
Three new columns are now available on contract line items:
Workflows can now reference a user the moment they're created — no waiting for the next daily sync. When a "Create user" action runs, the new user is synced into Torii on the spot, and any later action in the same workflow can target them using "User created in " as the user input.
Customers can now connect Coda to Torii and sync users.
Read more here
Microsoft Entra ID now supports App Registration (App-only authentication) as an alternative connection method, removing the requirement for an admin user sign-in. All standard actions are supported except Change user password and runbook actions.
Read more here
Customers can now connect Motion to Torii and sync users.
Read more here
Users can now access a dedicated Personal Settings page from the profile menu to customize their individual experience.
Customers can now connect Pinterest to Torii and sync their business members.
Read more here
Mural users are now synced into Torii, bringing in key details like Roles, Status, and Last Used Date. Available for Mural Enterprise customers only.
Read more here
Tasks and Access Requests tables now support Group by functionality.
Auditors require non-editable artifacts — now you can download and share access review reports as audit-ready PDFs in one click.
You can now see and filter users by their last-login country — available as a new field: Country (last login). This information can also be used as a filter in the Users table and is accessible in dashboard widgets.
Customers can now connect SignNow to Torii and sync users from a SignNow workspace directly into the platform.
Read more here
The User stopped using app trigger now supports a custom inactivity period — pick "Custom" and enter any number of days instead of being limited to the preset options.
Users can now choose between US (MM/DD/YYYY) and European (DD/MM/YYYY) date formats for all date picker inputs across the app.
License utilization fields have been renamed and expanded for clarity across the platform.
The following fields have been renamed to better explain what they present: how many licenses are in active use out of your total purchased licenses
Two new fields have been added, which calculate the assigned license percentage of total purchased licenses.
Any integration can now be connected multiple times — not just those with native multi-account API support. Each connection is assigned an Account Name at connect time, serving as its unique identifier so multiple accounts can be managed within the same org.
Access Profiles lets you configure multiple access request policies on a single app — each with its own name, approval flow, provisioning workflow, and eligibility groups. End users pick the right profile from a dropdown in the request modal; admins manage everything from one place.
Available now for customers with the new App Catalog enabled in Labs.
Using Access Governance policies, you can now monitor and control app access using IdP group membership. Organizations can enforce governance policies on non-integrated apps based on data provided solely through an Identity Provider like Okta or Google Workspace.
Note: grace periods and automatic remediation are not yet supported for IdP-managed policies and will be introduced in a future release. This capability is automatically available to all organizations with Access Governance enabled in Labs.
Customers can now connect Make to Torii and sync users from a Make organization directly into the platform. The integration fetches key user details including Roles, Status, and Last Used Date.
Read more here
The Jamf integration now syncs User Groups and Computer Groups (static and smart), and adds four new workflow actions:
Note: additional permissions/scopes may need to be granted to enable the new data and actions.
Read more here
Fixed an issue where stale custom field values (e.g., HiBob Termination Date) were preserved for users who left and later rejoined the organization. When a returning user is detected, Torii now automatically clears outdated custom field values and retains only the current data from the source system.
incident.io is now available as an integration in Torii. Connect your account to sync user data directly into the platform and maintain visibility into who has access to your incident management workflows.
Read more here
Customers can now connect their AWS account to Torii to gain visibility into expenses from AWS Marketplace purchases, including third-party applications, associated spend, and AI model usage through Amazon Bedrock (e.g., Anthropic Claude).
Note: This integration does not sync expense data for native AWS services and is currently in beta.
Read more here
You can now mark your favorite dashboards for easy access!
Favorite dashboards will always appear at the top of the dashboard switcher menu, and can be set or unset as favorite directly from the dashboard page or in the dashboard switcher menu itself. Each user maintains their own favorite dashboard list.
Employees can now view and track all of their app requests directly from the App Catalog, from submission through completion.
Every login to Torii — successful or failed — now appears in the Admin Audit Log under the Access event category. Admins can monitor sign-in activity, investigate suspicious attempts, and access login events via the Audit API.
Customers can now connect Discord to Torii to sync server data directly into the platform. Multiple servers are supported — one integration per server.
Learn how to connect Discord here
File attachments now supported in access review remediation.
You can now attach files during the remediation step of an access review, making it easier to provide evidence of user access removal to external auditors. Attached files are saved with the final report and can be downloaded and shared at any time.
The Product Updates page has been redesigned with a fresh modern look, dark mode support, improved search and filtering, and a new Product Replay experience that lets you quickly catch up on recent changes by timeframe and product area.
The Google integration now ingests Gemini in Workspace activity, giving visibility into how users exercise Gemini across Workspace apps — no new permissions required.
Admins can choose what time of day task reminders and escalations are sent to their org.
You can now hide multiple applications at once using the bulk actions menu on the Applications page. In the application field State, you can now select a new option: Hide App to hide all selected apps with a single click.
Auto-create Ignore Rule When Unmatching an Expense
When you click Unmatch and ignore, a pre-filled Ignore rule popup opens with the expense description (editable). On confirm, the expense is removed from the matched table and the new rule appears at the top of the matching rules table.
You can now build dashboard widgets powered by Assigned Licenses data, making it easier to visualize, slice, and aggregate license usage in one place. Use these widgets to:
Expense matching rules now support AND conditions 🎉
You can now add multiple search terms to a single "Contains" rule — all terms must appear in the transaction description for a match. Terms are displayed as chips in the input, making it easy to view and manage your conditions at a glance.
Side drawers are now resizable ✨
Drag the left edge of any side drawer to resize it — especially useful for wider content like the workflow editor and policy access request editors.
You can now automate your access review campaign launches by scheduling recurring reviews to meet your compliance requirements. Mark any campaign as recurring, and Torii will automatically relaunch it on the schedule you choose - no more manual kickoffs every quarter.
Connect Vercel to Torii to manage access and automate workflows across your development environment.
Learn how to connect Vercel here.
Connect Livestorm to Torii to manage access and automate user workflows across your webinar platform.
Learn how to connect Livestorm here.
Connect Google Cloud Platform to Torii to sync user data and gain deeper visibility into cloud access and permissions.
Learn how to connect Google Cloud Platform here.
Connect Lumin to Torii to sync user data across multiple accounts per workspace.
Learn how to connect Lumin here.
Connect Mesh Payments to Torii to sync user and transaction data across the platform.
Learn how to connect Mesh Payments here.
Catalog search supports fuzzy matching for app names, making it easier to find apps despite typos or spacing differences. Results are ranked by relevance, with the closest name matches shown first, while description search remains an exact substring match.
Torii now automatically extracts line items from contracts synced via Ironclad, Zip, and Coupa.
Added CSV export preview in workflow trigger data. It is now easier to review and share workflow details outside Torii.
You can now view a detailed list of active app licenses on the Licenses page by clicking the active licenses count in the table.
Connect Fireflies.ai to Torii to sync user data and improve visibility into adoption trends and access-discovery insights for AI meeting tools.
Connect Typeform to Torii to sync user data and improve visibility into app ownership and access-discovery insights.
Connect Apollo to Torii to sync user data and improve visibility into access-discovery insights across the organization.
Connect Payhawk to Torii to sync expenses and user data across your organization.
The OneLogin integration retrieves assigned applications directly from the API for more accurate access-discovery insights. This improves assignment coverage and helps detect apps even when they have not been actively used.
OR filters are supported in workflow triggers and if/else branches, making it easier to build flexible conditions across workflows.
Okta Assigned Apps User Field - A new multi-value user field is available for the Okta integration, showing the applications assigned to each user and improving visibility into user access.
Stacked Bar Charts are available in Dashboards for visualizing data across multiple categories in a single bar. They help break down totals by dimension and spot composition trends at a glance.
You can now send a generic task to any user from a workflow — they perform the work, click a button when done, and the workflow continues. What’s configurable:
Dragging and dropping table columns has a smoother user experience.
The Navan Expenses integration has been migrated to the new API, expanding connectivity across supported regions and improving access for organizations with API availability.
The Public API supports creating a new account for a custom integration directly through POST /services/custom, streamlining setup and reducing manual steps.
Employees can now request any app via the App Catalog by simply typing its name and adding a few details. Torii will create a custom app and route the request through the selected workflow - keeping IT in control while capturing every need. Admins can choose whether to enable this capability via app catalog settings, ensuring flexibility and governance. App Catalog settings —> Request new application —> Allow requesting unrecognized apps
Security teams can scope access reviews to the users and permissions that matter most, reducing review fatigue and improving risk coverage.
Access requests with provisioning failures can be investigated and resolved directly from the requests table, reducing the need to open workflow executions.
Discovered app users include their last used date when that information is available.
You can now see the filters for tables and widgets even if you don’t have permissions to edit them.
OR logic is available for filters across tables and dashboards, making it easier to build views that match any of several conditions. This expands filtering flexibility beyond AND-only combinations.
The Application Catalog supports filtering by any visible application field, making it easier to find the right applications with greater precision.
Access Governance supports remediation levels for policy deviations, allowing deviations to trigger tasks for app owners with detailed instructions. The setting can be configured in Access Governance settings or at the individual policy level.
Access Reviews support bulk selection and bulk actions from the users table, making it easier to review large sets of users. Selection respects the current filter and search, and optional comments can be added when approving or rejecting multiple users.
Connect Torii to AI assistants through the hosted MCP server and extend automation workflows across supported tools.
Learn how to connect Torii MCP here.
Integration Builder supports OAuth 2.0 Authorization Code authentication for custom integrations. This expands the range of APIs that can connect to Torii and provides a more secure, flexible authentication flow.
Custom integrations for apps with native integrations support custom fields, making it easier to model app data with the attributes organizations need.
Workflow actions can be reordered directly in the editor by dragging and dropping nodes into a new position. Actions can be moved up and down a flow, or between, into, and out of branches. Branch nodes are not draggable.
Exporting user lists from the first step of the Access Review wizard supports external audits and manual preparation before review actions. The export includes visible columns and respects active filters, matching the Users table behavior.
Escalation flows support auto-declining approval request tasks. Task notifications include a clear indicator when a task is automatically declined due to escalation.
Escalation and reminder notifications use styled prefixes to distinguish them from regular task assignment notifications.
Task escalation is now supported for access review remediation task.
A new version of the Contracts API provides access to the same contract data available in the UI, along with advanced filtering, aggregations, and pagination.
Learn more on our developer portal
Access governance policies now support a configurable grace period for users who change role, department, or team. This helps employees transition immediately to new roles, responsibilities and app access, while giving them time to wrap up their previous work before access is reviewed.
Create User actions return the newly created user ID as an output for use in follow-up workflow steps. This makes it easier to chain actions together and pass the created user ID dynamically into downstream steps.
A per-organization toggle is available under App Catalog settings → Notifications to control requester notifications during the access-request lifecycle. Slack, Teams, and email notifications can be disabled while preserving the default on behavior for existing organizations.
The IT Admin role includes the "Take action" permission for the Application Catalog by default, aligning access with the latest Application Catalog improvements.
Access reviews now support separate ownership for review and remediation tasks, helping teams split approval and removal responsibilities with a cleaner handoff. You can define a dedicated assignee for remediation when creating a campaign, and they will be assigned with a remediation task when access review step is completed by the reviewer. You can read more about it here
Task details are easier to understand and work with across the board. The Tasks table includes a Task Type column, and task naming is more consistent across Catalog Approval tasks and related logic.
The workflow templates gallery now includes 56 ready-made templates, ranging from simple automations to advanced multi-level branching flows. Templates are grouped by department to make it easier to find the right use case.
Fixed an issue where auto-merging users incorrectly treated business email addresses with dots as the same user.
A new SCIM action is available for managing user profiles in Miro. This action supports updating account status, roles, identity fields, and enterprise attributes.
Connect NinjaOne to Torii to sync user, app, and device data in one place.
You can now manually choose colors for each segment of a Pie Chart widget. This allows for better data storytelling and a more personalized dashboard experience.
Users reported under aliases will now be merged more accurately, so you won’t see duplicate entries when there’s actually only one app user.
Added 5 new actions to the ManageEngine MDM integration:
Learn more here.
Non-human users now have a dedicated placeholder avatar that more accurately showcases them as non-human.
Remove Slack user from channels now supports private channels, expanding coverage across your Slack workspace. If you’ve already reconnected Slack after the latest scope updates, you’re all set—otherwise, reconnect to enable this functionality.
App and contract ownership transfer can be customized through workflow actions, giving organizations control over when reassignment happens, who receives ownership, and which conditions trigger the change.
You can now add if/else branching based on the output of a custom actions, making workflows more flexible and responsive to dynamic results.
Sort table widgets directly in View Mode without switching to Edit Mode. Sorting applies only to the individual user's view, so dashboard configurations stay unchanged for everyone else.
User lifecycle tracking is more flexible and easier to review across offboarding and profile pages.
The integration syncs both user and device data, including:
Learn more on here.
Easily organize and analyze your data with the new Grouping Records feature. You can now group records by any field to quickly uncover insights and trends, making it easier to understand your data at a glance and take action faster. For example:
Take control of how access to applications is requested, approved, and managed across your organization. This powerful addition brings structure and governance to the access request process, enabling you to define clear policies, streamline approvals, and gain full visibility into access activity—all in one place. ✨ What’s new
🧪 This feature is currently available in Labs
🔧 Enable it - Go to Settings → Labs and turn on App Access Catalog.
Learn more about it here
Bulk update offboarding settings across multiple apps at once. Select several apps together and configure each to delegate, ignore, or run automatically in one go.
Integration Builder is here! Giving you the power to create custom integrations in Torii without engineering support. Enterprise customers can now connect to any API, define how data is pulled, map it to Torii fields like users, roles, and licenses, and seamlessly sync everything into Torii. All you need is a basic understanding of APIs to bring any app into your workflow.
Learn how to build your own integration here.
The Copy Widget has graduated from labs and is now accessible to all enterprise users, enhancing the flexibility and efficiency of dashboard customization.
You can now enable a “Show running total” option for Bar Chart widgets. When grouping data by a date field, this setting calculates a running total over time. This allows you to visualize cumulative growth or spend rather than individual data points.
Elevate your security posture with the new Access Governance feature. Now, you can define and automatically monitor access governance policies across all users and integrated applications. This transformative feature shifts Torii into a governance engine, enabling proactive management of access rights and immediate detection of policy deviations. Here's what you can do:
If you’d like to try it out, be part of the early access, and provide feedback that can help shape the future of this feature, you can turn it on in Settings → Labs → Access governance.
The Zoom integration now supports granular scopes, replacing classic scopes with a smaller set of only the mandatory permissions.
Task Escalation helps prevent important work from being missed by automatically taking action when a task has had no activity for a configured period of time. You can configure Task Escalation per task type, and choose what happens when the escalation threshold is reached. Additionally, escalation actions will be logged in the task activity feed. For more details visit this Help article
You can now unmatch expenses directly from the All Expenses table.
“Closed App in Use” trigger now supports multiple app states (like “Need to Close”).
Bar chart widgets in Torii now support an additional line chart view, giving you more flexibility in how you visualize trends over time. With a single click, you can seamlessly switch between bar and line presentations—making it easier to analyze patterns, compare data, and choose the format that best fits your workflow.
Connect your Shapes account to Torii and seamlessly sync HR user data into the platform. For more details, refer to the Shapes Integration Guide.
Enhance task management with new predefined views in the Open Tasks tab, including 'All Open Tasks', 'My Tasks', and 'Open More Than 2 Weeks'.
The Sync button now stays clickable after a failed sync, so you can retry directly once the issue is resolved. No need to reconnect or re-enter credentials.
Contract parsing is now significantly improved for scanned contracts, DocuSign PDFs, and image-heavy documents.
A dedicated Owned apps tab has been added to each user’s page to highlight where a user is a primary or secondary owner. The original Apps tab now exclusively displays the specific accounts a user is currently utilizing.
The Allocate By field in the “Configure chargeback” popup is now searchable.
Several new widgets have been added to the Security & Compliance dashboard that showcase data on application security grade breakdowns. (Enterprise plan).
torii-cli is now available on npm, giving you a fast way to interact with Torii’s API from the command line. It supports discovery, read and write operations, dry runs, uploads/downloads, and structured JSON output, making it ideal for automation and tools like Claude Code. Learn more how to use it here.
The 1Password SCIM Bridge integration is now available to all customers. Learn how to connect it here.
You can now customize the columns shown on the User page for a more focused, flexible view.
The logic across all user pages and tables has been updated to ensure application counts are now aligned across all views. This column is now called “Applications” in all pages and tables.
Magic parsing for Claude AI and Lovable: simply export the users list from these apps and upload it to Torii. Torii automatically maps the fields, streamlining license and role management without manual data entry.
The app users tab for apps with a non-native integration (custom, manual, and Google Sheet integrations) will now correctly show.the correct user views (“Users with access”, “Users with and without access”, and “All users from all sources”).
UKG Ready Integration is now out of beta.
Custom Fields Support: Syncing custom fields is now supported (via API). New User Fields: added support for Manager, Start Date, and Termination Date.
New integration with action for: Canny, Port.io, SysAid, Cal.com and Slite.
Added the ability to schedule criteria-based workflow triggers, including:
Torii introduces Data Agents, AI-powered fields that automatically research and populate application data for you. Instead of manually tracking app details across spreadsheets and vendor pages, Data Agents continuously gather and update information — keeping your application records accurate and up to date. Learn more about this here
Introducing Security Grade, a standardized, AI-powered scoring system that enhances visibility into the security posture of every SaaS application. This feature automates the grading of applications, aiding in the prioritization of security efforts and the mitigation of high-risk Shadow IT. Here's what you can do:
We are excited to announce the internal release of Torii Sheets, a powerful enhancement for managing user data in custom integrations.Torii Sheets provide a brand new interface to view, edit, and sync data directly to Torii for your custom integration, without any dev work needed. Torii Sheets offers several strong capabilities:
Now, users can reset top-down chargeback configurations with a single click, simplifying the process of clearing existing allocations for fresh manual re-allocation when necessary.
The following integrations now support Users Without Email: Ashby, Docker Hub, Jira, Microsoft Teams, Workfront, Confluence, Pingboard
Here's what you can do:
Introducing AI Filters, a new way to streamline your workflow. Simply describe your desired filter outcome, and let the AI configure the optimal filters for you. Here's what you can do:
Specify the exact number of hours or days needed for access
Introducing more flexibility in the access request flow of our new App Catalog. Now, users can tailor their access duration to their specific needs.
Here's what you can do:
Utilize new personalization tokens to retrieve requested access durations
Now, navigating through tables is smoother and more intuitive. Horizontal scrollbars appear when you need them, making it easier to move through columns on any device. Plus, vertical scrolling is enhanced for a seamless experience as you explore lengthy lists.
Added a refresh button within the Action Log table to pull the latest data without needing to reload the entire page.
The following integrations now support Users Without Email: Asana, Concur, Coupa, Hexnode, JFrog, Litmos, LogicMonitor, Looker, Microsoft Dynamics Business Central, Mosyle, ServiceNow, Shortcut, Tableau, Vonage Business.
These integrations now display users even if they don’t have an email address. No action needed, this data is synced seamlessly.
UX: Campaign names within the campaign configuration wizard are more emphasized and easier to edit.
API update: you can now get aggregated license data per app directly from GET /apps and GET /apps/{idApp}.
More info on our developers portal.
Branch your access request policies based on the reason text, allowing for more nuanced approval decisions.
Torii now supports Non-Human Users, giving customers a clear and built-in way to manage bots, service accounts, automations, and AI agents separately from human users. As AI and automation rapidly expand across SaaS environments, these non-human identities increasingly hold powerful access — yet have very different risk, ownership, and lifecycle characteristics than employees. Torii now automatically distinguishes humans from non-humans, ensuring these identities are visible and governed. With this new capability, you can:
Contact Torii support to tailor Coupa to your needs. Existing configurations remain unaffected.
Now, you can quickly view the specific apps included in both active and completed access review campaigns directly from the list view. This improvement makes it faster to identify the campaign you're looking for without the need to navigate to the details page.
We’ve improved the Access Review user list to make recommendations clearer and reviews faster:
Jira Cloud Service Account Authentication
Jira Cloud integration can now be connected with a service account authentication using OAuth 2.0 client credentials. This update provides a more secure and streamlined connection method.
Introducing the Scheduled Trigger, a feature that allows you to automate workflows based on a specific frequency. This addition enhances the flexibility and efficiency of managing tasks and reports. Here's what you can do:
New User.ID Personalization Token in Workflows
The new User.ID personalization token is now available.
Here's what you can do:
User.ID token to tailor workflows more accurately to individual usersGain a comprehensive view of Google user roles, encompassing both custom roles and Google’s standard system roles. Please note, this enhancement necessitates an additional permission scope. To access the updated role data, reconnecting the integration is required.
Easily track when each app's last access review was completed with the new 'Access review completed on' column in the Applications table. This feature enhances visibility and helps prioritize which apps need your attention.
A modernized, redesigned UI to make it easier for users to navigate your application catalog and request access.
Scheduled reports now include new scheduling options: Monday–Friday and Sunday–Thursday.
Jira Cloud integration now supports service account authentication using OAuth 2.0 client credentials, alongside the existing User Basic Auth option.
Expand your control over Google integration with two new actions, enabling you to assign and unassign user roles more efficiently. Here's what you can do:
Empower your admins to assign access reviews to anyone within your organization, even without Torii platform access. This update streamlines the review process, making it more inclusive and efficient. Here's what you can do:
Now, you can expedite access reviews for non-integrated apps without the need for an immediate user list upload, provided the existing list is accurate. While we still advise updating your user list for the most current data, this update allows for quicker review processes when you're confident in your existing data.
Tasks data has been added to Torii dashboards! You can now create dashboard widgets showcasing tasks data, giving you instant visibility into what’s happening and what needs attention. Task-related widgets you can now create include:
You can now change the trigger of an existing workflow without losing its actions or configuration. With this update, you can safely update the trigger of an already configured workflow while keeping:
Pie chart widgets in Torii dashboards now have a Show total option. You can toggle this in the widget configuration.
The Hexnode UEM integration now supports group syncing, with group data synced automatically and no action required.
You can now reassign active access reviews directly from the Access Reviews page or the Tasks page. If the app owner has left, or the review was assigned to someone who isn’t familiar with the app, simply click “Edit assignees” and choose a new reviewer. The access review task is reassigned immediately, and the new owner is notified to complete the review.
Active access reviews can now be open by clicking the application name.
Dashlane, Metabase, Claude Developer, OpenVPN, and Grafana are now available in Torii. Learn how to connect each integration:
The expense upload experience is now improved with several enhancements:
Users can now control who can view or modify specific workflows. This new capability allows admins and users to restrict workflow editing to relevant team members, ensuring sensitive or domain-specific automation remains secure. Additionally, we’ve introduced a new Torii scope - Create Workflows, which allows users to create and duplicate workflows, even if they don’t have the Workflow Take action scope.
Selective Branch Deletion When deleting an action with branches (e.g., if/else or approval requests), users can now choose to keep one branch instead of deleting all of them.
AWS Identity Center integration now supports user group syncing.
Users can now use AI to auto generate a name for their workflow. The user will be presented with 3 suggested names that are based on the entire workflow configuration.
The Hexnode UEM integration now syncs additional device-related user fields, including device serial numbers, device models, device OS versions, and last reported timestamp.
The PingOne integration now supports syncing user applications and includes two new user fields - PingOne Title and PingOne Groups - ****providing deeper visibility into user identities and app access.
AWS IAM integration now supports user group syncing.
Launching access reviews now automatically creates tasks in your team’s preferred channel—Slack, Microsoft Teams, or email—making reviews easier to start and act on. Automatic reminders keep assignees on track, while admins receive completion notifications in the same channel, ensuring faster reviews and better visibility without switching tools.
Learn how to connect AWS Identity Center Integration here.
Workflow trigger - license not in use
We’ve added a 7-day grace period for newly assigned licenses. This prevents inactivity workflows from triggering immediately when a license is reassigned, giving users time to start using the application before being flagged.
Resolved an issue where external users that needed to be offboarded did not appear in the to-do view.
Added new device actions to the Microsoft Intune integration—Remote Lock, Delete User’s Devices, Wipe Devices, and Bypass Activation Lock, now available for use in workflows.
App Catalog Configuration: “Ask for Duration” Toggle
Admins can now choose whether to show or hide the “Duration” field when users request access to an app from the App Catalog. By default, this field is visible, but it can be hidden via the App Catalog configuration page
Offboarding email titles now also include the offboarded user’s name.