Release Notes 2026

March

March 31st, 2026

NEW: Windows KB Patch Management Dashboard

We are introducing a comprehensive, interactive dashboard that shifts Windows update management from a device-level view to a structured, patch-centric approach. This unified experience brings together fleet-wide visibility, precise control, and enhanced security context to seamlessly manage Windows updates at scale.

• Fleet-Wide Visibility: Gain a centralized view of all Windows updates (KBs) across your device fleet. Easily track statuses (Installed, Pending, and Failed) and drill down into specific KBs to see device distribution.
• Granular KB Control: Approve and deploy specific updates to selected devices, or apply bulk actions across multiple KBs. You can instantly retry failed updates directly from the dashboard and choose whether to execute installations immediately or follow policy schedules.
• Vulnerability Insights: KBs are now enriched with associated CVE data and severity levels, allowing administrators to easily prioritize critical security updates.

This enhancement delivers improved visibility, precise control, and stronger security context for managing Windows updates across the fleet.

Learn More

• Get Started: Windows KB Management Dashboard

---

March 26th, 2026

NEW: Dedicated India AWS Region for JumpCloud Vault

The JumpCloud Vault platform is now deployed within the JumpCloud India AWS account, establishing a fully supported, localized data center region. This foundation provides Indian customers with secure credential management and privileged access tailored to their regional needs.

• Simplified Compliance: This localized foundation is critical for helping organizations easily meet strict local data residency and privacy requirements.
• Exclusive Local Storage: All Vault data, secrets, and session recordings are stored exclusively within Indian borders.
• Supported Products: Full regional support for JumpCloud Password Manager and Privileged Access Management (PAM).
• Improved Performance: Localized infrastructure means lower latency and faster performance for all Vault tenants in the region.

---

March 25th, 2026

NEW: Device-Based Discovery 

Feature: AI & SaaS Management

Identify SaaS and AI applications installed directly on user devices by leveraging existing JumpCloud agent data. This enhancement expands your discovery coverage to include desktop-based applications across macOS, Windows, and Linux endpoints, providing a centralized view of your organization's software inventory within AI & SaaS Management.

• Discover desktop applications: Use the JumpCloud Agent to detect locally installed applications and utilities on managed devices. Go to AI & SaaS Management > Settings > General Settings to toggle this discovery method on or off at any time.
• Automated inventory updates: Your application inventory is updated every 30 minutes to ensure you have the latest information on newly installed and active software across your fleet.
• Identify users and accounts: Automatically attribute application activity to JumpCloud users. Accounts where specific credentials cannot be resolved appear as Unknown.

Learn More

• Get Started: AI & SaaS Management
• Configure AI & SaaS Management

---

NEW: QR and Barcode Support 

Feature: Asset Management

Generate and print standardized QR or barcode labels directly from the JumpCloud Admin Portal to identify and track physical hardware. These labels link physical devices to their digital records in Asset Management, supporting onsite audits and inventory checks.

• Generate physical asset labels: Configure and print labels in small, medium, or large sizes for macOS, Windows, and Linux devices. Set your preferences in Device Management > Asset Management > Settings and Fields > Labels.
• Scan to verify assets: Use the labels to instantly access corresponding asset records in the field and validate devices during audits and handoffs.
• Bulk label printing: Save time during setup by selecting multiple devices from your asset list and printing labels in a single action.

NEW: Lenovo Warranty Sync

Feature: Asset Management

Automate hardware lifecycle tracking by syncing warranty information for Lenovo devices directly from the manufacturer.

• Sync Lenovo warranty details: Automatically populate asset records with real-time warranty status and expiration dates. Go to Device Management > Asset Management > Settings and Fields > General Settings and toggle Lenovo Warranty Sync to On to enable the feature.

See Configure Asset Management to learn more.

---

March 24, 2026

ENHANCEMENT: Fully customizable Identity Management (SCIM) Attribute Mapping is in Public Preview

Admins can now fully edit and add attribute mappings in both pre-built and custom Identity Management (SCIM) integrations.

• Define Source and Destination: Precisely specify which JumpCloud attribute feeds into which attribute in the Service Provider.
• Map Manager and Custom Attributes: Send data from the user's manager field or any custom attributes you've defined in JumpCloud.
• Add New Mappings: Create mappings for any attributes supported by the Service Provider's SCIM schema.
• Utilize Expressions: Manipulate data, such as formatting dates, using expressions before it's transmitted to the Service Provider.
• Preview Mappings: Review a snapshot of your configured mappings before saving to ensure accuracy.

NEW: Custom Admin Roles in Service Accounts

Learn More

---

 

Feature: Service Accounts

Admins can now link custom admin roles to a service account. Admins can select these custom roles while creating a new service account.

---

March 18, 2026

NEW: Recovery Lock Policy for Mac 

Feature: Policies

The new Recovery Lock policy secures access to macOS Recovery on Mac computers with Apple silicon. By requiring a password, this policy ensures the physical security of your managed Mac computers by preventing unauthorized user access to macOS Recovery and its associated functions, such as the startup options menu and security settings.

Key Features

• Flexible Password Management: Choose to specify a single static password for all Mac computers  bound to the policy, or automatically generate a unique Recovery Lock password for each Mac. Automatically generating passwords unlocks the following capabilities:
  • Automated Password Rotation: Enhance security by automatically rotating generated passwords on a specified interval (between 1 and 365 days).
  • Secure Access and Retrieval: Securely view the generated Recovery Lock password for a specific device directly from the Admin Portal when access is needed.
  • Ongoing Security:  Automatically generated passwords rotate 60 minutes after an administrator views them in the Admin Portal.

See Create a Mac Recovery Lock Policy to learn more.

---

March 4th, 2026

ENHANCEMENT: Upgrade to Managed Google Domain

Feature: Android EMM

JumpCloud now supports upgrading your Android Enterprise from Managed Google Play Accounts to Managed Google Domains. This recommended upgrade provides advanced management capabilities and greater visibility into Android Enterprise setup.

Key Features

• Enterprise Type Visibility: The Admin Portal now displays the specific Enterprise Type (Managed Google Play or Managed Google Domain).
• Seamless Migration: Admins can initiate a direct upgrade to a managed Google domain via a migration banner in the Device Management > MDM > Google tab.

See Upgrading to an Enterprise Google Admin Account to learn more.

---

March 3rd, 2026

NEW: Send JumpCloud Notifications to Slack

Feature: Notifications

You can now add the JumpCloud Slack App to your Slack workspace and send real time alerts and access requests directly to your configured channels, thus accelerating response times. 

Key Features

• Streamline Alerts: Route configurable JumpCloud alerts and events, such as security incidents, directory changes, and system events, directly into appropriate Slack channels for teams to see and act on issues in real time where they already work.

• Interactive Notifications: Alerts delivered to Slack include actionable buttons that admin can use to Mark as Acknowledged or Mark as Resolved for alerts without leaving the Slack interface.

• In-Channel Access Request Approvals: Integrated with the new Access Request approval flows, admins can now approve or deny access requests via interactive actions directly in Slack.

Learn More

• Configure a Slack Channel
• Managing Approvals in Slack 

---

ENHANCEMENT: Manage Access Requests Directly from Slack

Feature: Access Requests

Admins can now create Approval Flows that send access requests directly to configured Slack channels by adding the JumpCloud Slack App to a Slack workspace. You can also approve or deny access requests via interactive actions without leaving the Slack interface.

Learn More

• Managing Approvals in Slack
• Configure a Slack Channel

---

March 2nd, 2026

Member Of attribute

The Member Of attribute allows you to add users to a dynamic user group based on membership in another group. An alternative to nested groups, this approach creates direct memberships and permissions in the intended group instead of indirect relationships. This reduces privilege creep. Also, centralized rule logic is maintained in a few foundational groups.

---

February

February 28th, 2026

NEW: JumpCloud Vault

Feature: Access

The Vault Engine has been upgraded from ASP.NET Zero v8 → v14.3.0 in a single cutover, modernizing to .NET 9, Angular 20, ABP 10.3 and Metronic 8.2.8. This removes legacy CVEs/deprecations, improves performance and developer velocity, and restores supportability.

New Features

• Access Request Workflow: A modernized, streamlined interface for requesting, approving, and auditing privileged access.
• Resource Duplication: Admins can now duplicate existing resources to significantly speed up environment setup and management.
• Blocking Rules Menu: Introduced a dedicated, modernized menu for Blocking Rules, establishing the foundation for upcoming website and server restrictions.

UI/UX Enhancements

• Platform Redesign: Rebuilt from the ground up to align with JumpCloud design standards. Enjoy a faster, more intuitive, and consistent experience across Websites, Servers, and Databases.
• Modernized Session History: A dedicated Session History menu providing a full audit trail for all resource types—now featuring integrated video recordings and keystroke logs.
• Standardized Timestamps: Implemented a unified date and time format across the entire platform for improved reporting accuracy.

See JumpCloud Vault to learn more.

---

February 26th, 2026

NEW:Windows Delivery Optimization (DO) Policy

Feature: Devices

We’ve optimized network performance with smart P2P technology for Windows updates. Instead of every device downloading the same assets individually, a single machine can now securely share update files with other local peers.

• Saves Bandwidth: Stops the office internet from slowing down on "Patch Tuesday" !!!
• Speeds up Deployment: Updates and apps install much faster because they are pulled from local peers.
• Complements Windows Patching: This is the perfect partner for our Windows Patch Management and Patch Dashboard. While the dashboard tells them which devices need updates, this policy ensures those updates download efficiently without crashing the network.

See Windows Delivery Optimization (DO) Policy to learn more.

---

February 20th, 2026

ENHANCEMENT: Modernized Commands Experience

Feature: Commands

We’ve updated the entire Commands page to make it easier and more reliable to create, edit, and manage commands at scale. The new experience replaces the old side drawer view with a full-page Commands workflow.

• The previous side drawer for creating and editing commands is now a full-page view.
• This gives you more room to work with longer scripts, additional options, and more complex configurations, all in a single layout. 

See Create a Command to learn more.

 You will also see a refreshed Commands List page with clearer spacing and hierarchy, making it easier to scan commands, understand their purpose, and review key details at a glance.

---

February 17th, 2026

NEW: Feature Requests Portal and Customer Portal Enhancements

Feature: Customer Portal

Improve how you manage technical issues and provide product feedback through the updated portal experience.

• New Feature Requests Portal: Submit and track ideas for new or enhanced features in a dedicated portal. This centralized space allows you to monitor the progress of your requests over time.
• AI Assist: Enable AI Assist when creating a support case to receive an instant response based on thousands of proven solutions. This automates troubleshooting and can potentially resolve issues without waiting for a manual review.
• Expanded Product and Category Options: Select from a more detailed list of options in the Product and Category fields. These help you better categorize and track your requests while ensuring they are accurately routed to the correct teams.
• Profile Management: Update your individual contact details and set your working hours time zone directly within your profile settings.
• Multi-Tenant Visibility: Use the new Accounts tab in the main page of the Customer Portal to quickly view cases for specific tenant organizations.

Learn More

• Request Features
• Contact JumpCloud Support
• Manage support cases in the Customer Portal 
• Support in the MTP
• Best Practices for Submitting Support Tickets

---

M365 / Entra Id Last User Sync Results

We’ve improved the M365 / Entra ID Cloud Directory Sync experience by adding real-time synchronization insights. Admins can now monitor and troubleshoot user-level sync issues without digging through system logs.

Key Enhancements:

• New "Sync Status" Column: Instantly identify the health of your integration with visual success and failure indicators for every connected user
• Detailed Tooltips: Hover over any status icon to access critical metadata, including:
  • Last Attempt: The exact date and time the last sync was attempted
  • External ID: The unique identifier from Microsoft, confirmed for successful syncs
  • Direct Error Messages: For failed syncs, the specific error returned from Microsoft is displayed alongside the external ID
• Simplified Troubleshooting: Instead of searching through logs, admins can instantly identify why a user failed to sync and take corrective action based on Microsoft's direct feedback

---

ENHANCEMENT: Support for Notification-Only Rules in Alerting

Feature: Device Monitoring and Alerting

Alert rules no longer have to create an in-console alert. You can now configure a rule to send notifications only, create an in-console alert only, or do both, giving you more control over noise and escalation paths.

See Configure Rules for Device Monitoring and Alerting to learn more.

---

ENHANCEMENT: Granular Attribute Filtering for Directory Insights Event Monitoring Rule

Feature: Device Monitoring and Alerting

We’ve enhanced the Directory Insights Event Monitoring rule to provide more control over your event triggers. You can now go beyond broad event categories and apply specific attribute filters to refine your notifications.

• Expanded Event Library: We’ve expanded the range of supported Directory Insights (DI) events when creating the Directory Insights Event Monitoring rule. You can now quickly create alert rules for a much wider array of events. See Insight Alert Events to learn more.
• Attribute-Level Filtering: You can now get granular with your alerts. Define specific criteria based on event attributes to ensure you only trigger alerts for the events that actually matter. See Configure Event Attribute Filters to learn more.
  

---

February 13th, 2026

Patch Management: DDM Support for macOS and iOS

We have expanded Patch Management to support Apple’s Declarative Device Management (DDM). This update introduces new policies with enhanced capabilities for managing and enforcing updates on both macOS and iOS devices.

New Features

• iOS Support: Patch Management now fully supports iOS devices, a capability previously unavailable in legacy MDM policies.
• New Policy Types: You can now configure the following DDM-based policies to manage your Apple devices:
  • Automatic Updates: Automatically enforces the latest available OS version based on your configured deferral and grace period settings. For macOS, DDM-based policies supersede legacy MDM patch policies, offering improved performance and reliability.
  • Software Update Enforcement: Allows you to manually enforce a specific target OS version.

Learn More

• Create a DDM-based macOS Patch Policy
• Create a DDM-based iOS Patch Policy
• Create a Mac Software Update Enforcement Policy
• Create an iOS Software Update Enforcement Policy

---

February 5th, 2026

SAML SSO MFA Configuration

Admins can now configure a SAML SSO integration to send the MFA Claim in the AuthnContext within the SAML assertion, providing verifiable proof of MFA. This change helps customers meet strict access requirements for high-security applications like Salesforce, PayPal, and Epic/Impravata while eliminating no access or the "double MFA" friction for end-users.

• MFA Configuration Section: New section in SAML SSO integrations featuring a read-only AMR option and a selectable AuthContext sub-section
• Flexible Mapping Modes: 3 options for how the MFA claim will be sent in the AuthnContext
• Custom Factor Mapping Table: A new mapping table for mappingJumpCloud-supported factors (such as Push or TOTP) to specific strings, URLs, or URNs required by the SP
  Full API Support: Configuration for these claims can be doe via the API

See SSO using Custom SAML Application Connectors to learn more.

---

ENHANCEMENT: AI Search and AI Filtering Support

Feature: Asset Management

• JumpCloud AI Search now supports Asset Management data, letting you quickly find and generate reports on all of your assets.
• We've also added an AI-powered filtering widget within Asset Management to help filter your list of assets using natural language queries.

See Configure Asset Management and Get Started: JumpCloud AI Search to learn more.

---

JumpCloud Go

We have updated JumpCloud Go extension permissions for Vault users to improve password management. This update prevents your browser's native password manager from displaying password saving prompts and ensures that sensitive credentials remain private.

January

January 29th, 2026

Windows Users Can Now Preserve Credentials After Remote Password Changes
We’ve introduced a new password sync flow on Windows devices to preserve the Credential Manager and related application access after remote or off-device password resets. 

• For the best experience, we recommend users reset their password directly in the JumpCloud Tray App on their device. 
• If users reset their password off-device (for example in the User Portal or Admin Portal) they are prompted on their next login to sync their previous and current passwords. This preserves saved credentials and access to Windows applications. 
• This change is being rolled out in phases and may not be immediately available in your organization.

See Manage Windows Password to learn more.

---

January 22nd, 2026

Advanced OIDC Configuration Settings
A new Advanced Settings section is available for OIDC SSO applications, giving IT admins granular control over session security and token architecture. This update enables per-app customization of token lifetimes, token formats (JWT vs. Opaque), and audience scoping, allowing customers to meet strict compliance mandates and complex integration requirements without relying on global system defaults.

• Granular Token Lifetimes: Admins can now manually set distinct expiration windows for ID, Access, and Refresh tokens within validated ranges (from 10 minutes up to 90 days).
• Access Token Strategy: A new toggle allows admins to choose between Opaque and JWT formats for access tokens to ensure compatibility with any resource server.
• Additional Audience Configuration: Support for up to 5 additional access token audiences to facilitate complex microservices integrations or to specify the target API to receive the access token as part of the audience claim.

See SSO with OIDC to learn more.

---

January 19th, 2026

NEW: Timed Access Requests are here!

Feature: Access Requests

We have now added timed access to our Access Requests feature. Using this, admins can configure workflows to allow users to request access for a specific duration (one day, 15 days, 30 days, and so on). 

You can now replace permanent permissions with timed access to ensure users have the right level of permissions exactly when they need it—and never longer.

See Manage Approval Flows to learn more.

---

January 6th, 2026

Multi-factor Authenticators Selection in Conditional Access Policies

Admins can configure and enforce specific Multi-factor authenticators while configuring  conditional access policies. The Admin can select from a number of available factors such as JumpCloud Go, TOTP, etc. See Choosing Multi-factor Authenticators in Conditional Access Policies to learn more.