What’s new in October 2025: simpler identity management at scale

This month in YeshID’s IAM platform, we focused on making day‑to‑day identity management easier for IT & Security leaders at mid‑sized businesses. You’ll see big improvements in how you manage workflow tasks, run groups, and stand up integrations—plus a lot of polish on CSVs, emails, and approvals.

TL;DR

• ✅ New All Tasks view with filters and bulk actions to triage work across every workflow.
• 👥 Smarter groups pages with clear owners, static membership, and tighter links to application access.
• 📦 Push Groups & SCIM upgrades so app groups and memberships stay in sync automatically.
• 🔌 Easier integrations, including Google Workspace import and more flexible OAuth headers.
• 📊 Everyday UX fixes for CSVs, access emails, Safari workflows, and approval flows.

All Tasks view — one place to triage every workflow

Work no longer hides inside individual workflows. The new All Tasks view gives you a single list of everything that needs attention across onboarding, offboarding, and access requests.

You can filter by status (incomplete, error, completed), assignee, and more, and the default view focuses on incomplete/error tasks assigned to you so you can clear your queue quickly. We’ve flattened nested tasks for easier scanning, added basic pagination so large orgs don’t bog down the browser, and tuned the backend to fetch tasks and target users in fewer queries.

On top of that, you can now bulk complete, reject, or delete selected tasks, with safeguards so automated tasks only move from “running” to “complete” when it’s safe to do so.

How to try it

1. Open the Workflows area in YeshID.
2. Look for the new All tasks view in your navigation.
3. Use the filters to narrow to your team and status, then try bulk completing a batch of done work.

Note: This view is rolling out behind a feature flag. If you don’t see it yet, reach out to your YeshID contact.

New groups experience — clearer membership and app access

Groups got a major refresh this month to make “who’s in this group and what does it do?” a much easier question to answer.

Group pages now have just two tabs—Members and Access—with Members as the default. At the top, you’ll see an editable card where you can update the group’s name, description, owners, and active status in place. You can set owners when you create a group and manage them later through a dedicated owners table, so there’s always a clear accountable contact.

Membership is now explicit and static, with tools to add or remove people in bulk from the Members tab. Behind the scenes, we record when users enter or leave a group so you have an audit trail for membership changes.

On the Access side, groups now:

• Show which applications and roles the group grants.
• Respect group‑based access when users request an app—if their group already grants that app+role, approvals are automatically bypassed.
• Surface, in application settings, which groups grant access to that app, with visual badges indicating whether those groups are enabled or disabled.

This makes it much easier to explain access in audits: you can see exactly which groups drive access to a given app, and which apps each group actually controls.

How to try it

1. Go to Groups and open any existing group.
2. On the Members tab, review owners and add/remove members as needed.
3. On the Access tab, review which apps and roles the group grants, and adjust as your policies evolve.
4. In Applications, open an app’s settings to see which groups are currently granting access.

Push Groups & SCIM — keep app groups aligned automatically

If you manage a lot of SaaS groups (especially via SCIM or Slack), you now have more help keeping them in sync.

For SCIM‑capable applications, YeshID can now import application groups and their memberships, similar to how we already handle HR and directory data. You can configure which fields to bring in and view groups and members directly in the app’s collections view, giving you better visibility into how the app organizes teams and projects.

We also introduced Push Groups support:

• A new “push group” mapping lets you link internal groups or user attributes to specific app groups.
• A new Push Groups task is available in application workflows, which uses those mappings to create or add the user to the right groups in the target app.
• Under the hood, an AddToGroup action uses the app’s SCIM or API configuration so you don’t have to script it yourself.

This is especially useful for tools like Slack and other SCIM‑backed apps where group/space/team membership is the real permission model.

How to try it

1. Open an integrated application that supports SCIM or group management.
2. In its configuration, define push group mappings from your groups or fields to app‑side groups.
3. Add a Push Groups step to the relevant onboarding/offboarding workflows for that app.
4. Run a test user through the workflow to confirm they land in the right groups.

Integrations & OAuth — smoother setup, more flexible tokens

We’ve made it easier to connect and manage integrations so you spend less time wrestling with configuration screens.

First, provisioning and integration setup now share a consolidated configuration card with a new Auth & Parameters panel. This panel pulls together:

• Setup instructions for catalog and SCIM integrations,
• Auth inputs (like OAuth 2.0), and
• Global parameters,

with shared validation and a clear sense of whether configuration is “complete” or not. This panel now shows up when you add apps, configure catalog integrations, or manage authentication for existing apps.

We also shipped several integration‑specific improvements:

• Google Workspace as a tier‑1 integration, with support for importing users so you can audit Google more easily in YeshID.
• GitHub and other apps now correctly mark admins based on the right flags, so your access grid and audits reflect real admin status.
• OAuth is more flexible:
  • You can supply your own access_type (for example, offline for Google) without YeshID duplicating it.
  • You can customize the header key and prefix used to send tokens (for example, sending Zoho-oauthtoken <token> instead of a standard Authorization: Bearer).

And we’ve fixed several edge cases that previously caused offboarding steps to get stuck, accounts to be marked as “running” forever, or deprovisioning to fail when the user had already been removed in the target app. The goal: fewer surprises when you sync, onboard, or offboard.

Everyday UX & reliability — CSVs, emails, Safari, and approvals

A lot of small but important changes landed that you and your team will feel day to day.

Cleaner CSV exports and more helpful imports

Exports from the Access Grid and application accounts now:

• Show full names (not just first names),
• Render role names correctly rather than [Object], and
• Provide more consistent columns for audit and reporting.

On the import side, CSV uploads now run through a preflight check that can:

• Reject Excel‑style UTF‑16 CSVs and files with null bytes with a clear “save as UTF‑8 or ASCII” message,
• Flag missing headers, duplicate column names, and mismatched column counts (with the first row number to inspect), and
• Warn when a file looks truncated or has quoting issues.

That means fewer “mystery” import failures and clearer guidance when something’s off.

Better emails, browsers, and domains

• The “Send custom access email” preview now respects formatting, so what you see in the preview matches what users receive.
• When sending access emails, choosing a different email domain actually updates the address, making it much easier to handle orgs with multiple verified domains.
• Safari users now see complete task lists when viewing workflows; a Safari‑specific loading issue has been fixed.

Access requests, approvals, and audits

We tightened up the access‑request experience:

• Requesters can now add context to their requests by clicking into the application box, and approvers/assignees can reply with comments and choose to share them back with the requester.
• Comments are no longer tied to task state—you can comment even before approvals are cleared.
• A bug where a rejected request sometimes looked approved has been fixed; the system now correctly routes to the rejection path.
• In the access request modal, choosing an app no longer causes the entire app list to re‑appear unexpectedly.

For audits:

• Application audit tasks can now only be assigned to people who actually have access to the application data, avoiding confusing “empty” audit views for non‑admins.
• The audit help text no longer suggests mid‑audit role changes for integrated apps where that isn’t supported, reducing mixed messages for auditors.

Admin tips

• Start in All Tasks: Use the All Tasks view with the default filters (assigned to you + incomplete/error) as your daily homepage. Once you’re comfortable, try bulk completing a group of done tasks.
• Review your key groups: Take a quick pass through your most important groups to confirm the name, description, owners, members, and app access all match how you talk about them internally. It will pay off in your next access review.

Availability & rollout

Most of these updates are live for all customers. Newer experiences like the All Tasks view and some group/access cards may appear first for selected organizations behind feature flags; if you’d like early access, your YeshID contact can help.

Closing & what’s next

October’s work is all about helping IT & Security teams see more, click less, and trust that workflows, groups, and integrations are doing what you expect. Whether you’re managing a handful of workflows or hundreds of thousands of tasks, these changes are designed to save you time and reduce access risk.

We’d love to hear what would make YeshID even more useful for your team—especially around workflows, audits, and integrations. Share feedback with your account team or through in‑product support.

‍