Feature ideas

When syncing users from an external source it makes sense to create the users as "Active" and have a separate function to invite them. This is particularly useful when designing a feature that manages teams and groups that needs access to the entire company user list but not all users are expected to access Port.

As admin users, we have full visibility on everything that's available in Port. We can already control what users see and interact with, but we cannot easily confirm if the changes we have made are correctly tailored to them. It would be very helpful to be able to preview the changes.

Currently in self service actions, emails are not sent to the array of approvers which is generated via dynamic permissions. The behavior for dynamic permission's approvers needs to match that of static permission's approvers where emails are sent.

The initial Port implementation of SCIM does not include support for Google Workspace. It would be good if it was included.

Once a service account is created, there is no way to rotate the credentials linked with the service account unless you completely delete the service account and create it again. It would be nice to have either a UI element shown next to the service account that would allow admins to rotate the credentials (similar to how the port client secret already works) or an API to do so.

To enforce compliance standards, we need to make sure: Users can’t login unless they are coming from their secured VPN (i.e. their closed set of VPN IPs) Users can’t make API requests unless they are coming from their secured VPN (i.e. their closed set of VPN IPs)

Hi! We are trying to implement a small public-facing page that will be an API-Hub. Then our customers could get a good experience when using SwaggerUI in Port. The problem is that the user with the lowest level of access (Viewer) still sees a large amount of information that he does not need, and sometimes information that should be hidden at all. It would be great to control what the Viewer sees in more detail. As in my example, to prohibit tabs from being seen. I'm attaching some screenshots on behalf of the Viewer, as an example of the expected appearance of the page

Sync groups and roles using the SCIM integration to ease groups management and overall portal permissions.

When a self service action is unable to be executed due to the dynamic permissions not allowing the execution, the error message logged provides no context about what specific part of the dynamic permission caused the action to be denied. This makes troubleshooting and building permissions incredibly difficult as you have no idea what part of the permissions policy/condition caused the error. The error message should explain what aspect of the policy's query/condition caused the rejection of the execution.

Implement a token rotation feature within Port to enhance security and compliance by automatically updating access tokens at predefined intervals. This capability will ensure that tokens used for authentication and API access are regularly refreshed, reducing the risk of token compromise.