Blog
Stay up to date with the latest from GrantFlow — product releases, new features, and roadmap announcements.
Download Agents Directly from the Admin Portal
March 16, 2026 · GrantFlow Team
The Agents tab now includes a Download Agent button that provides binaries for Windows and Linux (x64 and ARM64) along with SHA-256 hashes for integrity verification — no more hunting through release archives. Read more →
Smarter Notifications: Debouncing and Richer Account Context
March 16, 2026 · GrantFlow Team
Agent offline notifications are now held briefly and suppressed if the agent reconnects — cutting noise from transient blips. Account event emails also carry the account UPN and connector name for faster triage without opening the portal. Read more →
System Notifications for Agent, Sync, and Account Events
March 15, 2026 · GrantFlow Team
Agent connectivity, directory sync status, and password rollover events now trigger real-time email notifications to configurable system recipients — giving IT teams instant visibility into infrastructure health. Read more →
Full AD Scanning on Any Platform — Native LDAP Collection in Sentinel v0.3.0
March 14, 2026 · GrantFlow Team
GrantFlow Sentinel v0.3.0 replaces PowerShell-based AD user and group collection with native LDAP, enabling full AD scans on macOS and Linux without any Windows dependencies. Also introduces AI-powered AD hygiene analysis. Total check count: 95 across 15 domains. Read more →
Sentinel Now Detects ADCS Misconfigurations — the Most Overlooked AD Attack Surface
March 13, 2026 · GrantFlow Team
GrantFlow Sentinel v0.1.4 adds eight new AD Certificate Services checks covering ESC1–ESC4, ESC6, and ESC8 — the most commonly exploited ADCS attack paths — plus cross-platform LDAP collection and AI-assisted analysis. Total check count: 93 across 15 domains. Read more →
Coming Soon: Envelope Encryption for Passwords with Customer-Managed Keys
March 9, 2026 · GrantFlow Team
GrantFlow is adding envelope encryption for account passwords — every credential will be encrypted with a tenant-specific RSA key before it is written to Azure Key Vault, with optional customer-managed keys (BYOK) for full data sovereignty and compliance with SOC 2, ISO 27001, and BSI C5. Read more →
Track Every Notification: Delivery Log Now Available
March 8, 2026 · GrantFlow Team
Administrators can now monitor, filter, and troubleshoot every notification sent by GrantFlow with the new Delivery Log — covering email, Teams, and in-app channels in one place. Read more →
Coming Soon: Approve Access Requests Directly from Teams and Outlook
March 6, 2026 · GrantFlow Team
GrantFlow is building native Microsoft Teams and Outlook integration so approvers can review and act on just-in-time access requests directly from interactive Adaptive Cards — no browser required. Read more →
Coming Soon: Real-Time Audit Streaming to Your SIEM
March 4, 2026 · GrantFlow Team
GrantFlow is adding native audit event streaming via webhooks, server-sent events, and long-polling — so every privileged access event flows directly into your SIEM in real time. Read more →
Coming Soon: Session Management and Instant Token Revocation
March 1, 2026 · GrantFlow Team
GrantFlow is introducing application-level session management with custom session lifetimes, instant revocation, and an admin dashboard for complete session visibility. Read more →
Faster Hybrid Identity Updates — Automatic Entra Connect Sync
February 24, 2026 · GrantFlow Team
GrantFlow now triggers an Entra Connect delta sync automatically after enabling or disabling hybrid AD accounts and changing group memberships (add/remove), cutting propagation delays from hours to seconds. Read more →
A Fresh Activity Log — Tabbed Views, Better Filtering, and Full Pagination
February 18, 2026 · GrantFlow Team
The Activity Log gets a complete redesign with tabbed views for role requests, account checkouts, and eligible account activity — plus server-side pagination and rich filtering. Read more →
Catch Misconfigured Role Assignments Before They Cause Problems
February 11, 2026 · GrantFlow Team
GrantFlow now validates role assignments at creation time — checking connector availability, principal existence, and provisioning configuration immediately so misconfigurations surface before users try to activate. Read more →
Faster AD Sync: Delta Sync for Users, Groups, and Memberships
January 28, 2026 · GrantFlow Team
GrantFlow agents now sync Active Directory changes incrementally — delta sync replaces full scans for users, groups, and group memberships, keeping eligibility data fresh with a fraction of the previous load. Read more →
Automated Password Rotation for Privileged Accounts
January 14, 2026 · GrantFlow Team
GrantFlow now supports policy-driven password rotation for accounts managed through Account Checkout — automatic rotation on checkout, check-in, or schedule, with retry logic, validation, and full audit coverage. Read more →
Predictable Access Expiry: Resilient Scheduling and Clean Cancellations
December 9, 2025 · GrantFlow Team
GrantFlow's scheduler now guarantees that role activations and account checkouts expire on time, and that manual deactivations cleanly cancel all pending revocation tasks with no orphaned jobs. Read more →
LDAPS for Active Directory Connectors: Secure by Default
November 12, 2025 · GrantFlow Team
GrantFlow AD agents now connect to domain controllers over LDAPS, using the OS certificate store on the agent host to establish trusted connections without any additional configuration in GrantFlow. Read more →
Coming Soon to GrantFlow
October 20, 2025 · GrantFlow Team
We've published a concise Coming Soon page that highlights what's next for GrantFlow — focused on richer notifications, smarter approvals, faster sync, and rock-solid reliability. Read more →
Welcome to GrantFlow Documentation
October 17, 2025 · GrantFlow Team
GrantFlow makes just-in-time privileged access feel fast, safe, and auditable — built for Microsoft Azure and hybrid Active Directory. Read more →
Security Hardening — End-to-End Encryption, Agent Protection, and Certificate Security
June 2025 · GrantFlow Team
Recent security enhancements including end-to-end encrypted password reveal, certificate protection for agents, and encrypted enrollment tokens. Read more →
Introducing the GrantFlow Notification System
June 2025 · GrantFlow Team
Customizable email notifications with template editing, delivery tracking, and multi-channel support keep your team informed about every privileged access event. Read more →
Browser Session Monitoring — Track Access Across Devices
June 2025 · GrantFlow Team
New browser session tracking gives users and administrators visibility into active sessions, login history, and device-level access patterns. Read more →
Questions or want to prioritize a feature? Reach out at info@grantflow.cloud.