Changelog

Verified User Access (VUA) is now supported for Low Code Apps, ensuring actions in external systems are executed with the identity and permissions of the end user. This enhancement delivers stronger security, personalization, and compliance for all app interactions.

Key Benefits:

• Enhanced Security: Enforces least-privilege access, eliminates shared credentials, and ensures every action is auditable and tied to the authenticated user.
• Individual Authentication: Each user authenticates into applications (e.g., Jira, Salesforce, Namely) with their own credentials.
• Personalized Experience: Users see only their own records, preventing data leakage between roles, teams, and departments.

Learn more about Verified User Access for Low Code Apps.

In October, we rolled out 24 connector updates ⚙️ — including 8 brand-new connectors and 16 enhancements and bug fixes — along with 8 new recipes 📜 in the Community Library.

☁️ New launches like Amazon Textract, AlayaCare, Syncro, Filevine, COINS ERP, Felix, Wiz, and Stacklet expand automation possibilities across document processing, healthcare, IT service management, data integration, legal operations, construction ERP, procurement, cloud security, and governance—helping teams integrate and innovate faster.

🔧 The 16 connector enhancements and fixes deliver greater reliability, optimized performance, and enhanced error handling—ensuring smoother automation experiences across platforms and use cases.

✨ From healthcare to construction, cloud security to analytics, these updates keep your workflows smarter, faster, and more connected.

Verified User Access (VUA) is now available for MCP Servers, enabling end users to authenticate with their own credentials when interacting with MCP tools. This delivers enterprise-grade governance and user-level security for AI workflows.

Key Capabilities:

• User-Level Security: Each tool executes with the end user's credentials, ensuring access is always governed by individual permissions.
• Unified Server Setup: Combine recipe functions and API recipes in a single MCP server, eliminating the need for separate API endpoints or collections.
• Flexible Authentication: Configure VUA-enabled tools with Workato Identity Authentication (OAuth2). Credentials are securely stored and reused across tools.

Applications: Enable secure, permission-based workflows such as:

• Jira issue management where users can only view and modify issues they have access to
• Salesforce data retrieval with access limited to assigned accounts and opportunities
• Document processing with user-specific access to applications like Google Docs

Important Limitations:

• API recipes do not support VUA.
• MCP servers must use Workato Identity authentication for VUA; token-based authentication is not supported.

Learn more about MCP Server Verified User Access.

Agent Orchestration allows builders to delegate tasks to Genies directly within recipes. When a recipe assigns a task to a Genie, the Genie completes the work and returns its response back to the recipe, which then continues execution with that data. To use this feature, add the "Assign a task to a Genie" action in recipes or skills, specifying the goal, input data, and an optional conversation ID for context chaining.

This capability accelerates the creation of sophisticated workflows, including:

• Autonomous Task Processing: Embed Genies in recipes to handle complex tasks such as invoice-PO reconciliation, contract processing, and deal desk validations.
  
• Programmatic Genie Access: Perform tasks with Genies through MCP or API endpoints.
• Testing and Evaluation: Run evaluation scenarios against existing Genies and compare their outputs to expected results for quality assurance.
  Important Notes:
• Tasks can only be assigned to Genies that don't have any skills with end-user connections or skill confirmations.
• Genies must reside in the same project as the parent recipe or skill.

Learn more about Agent Orchestration.

OPA 29.1 adds support for data pipelines. The SQL Server accessible via OPA can be used as a destination for data pipelines.

Key details:

• Data pipelines now support SQL Server as a destination.
• Additionally, Spring LDAP updated to version 3.2.14.
  

We are excited to announce our internationalization (i18n) capabilities are now generally available. Teams can build, collaborate, and automate in their preferred languages, removing barriers for non-English-speaking users and supporting a more inclusive, global agentic orchestration experience.

Key details:

• Now supporting English, Japanese, Korean, Chinese, German, Spanish, French, and Portuguese.
• Set your preferred language in Profile Settings. Individual preferences do not affect others.
• Teams can collaborate and build together, even in different languages.
  

You can now build custom low code apps entirely with recipes. This release allows for real-time interactions between your UI and backend recipes. Perfect for creating apps such as CRM or HR interfaces, employee directories, and admin panels.

Key details:

• Trigger recipe actions on page load, button clicks, and dropdown selections.
• Load data into tables, dropdowns, and text or number fields.
• Create configuration panels and interfaces for headless systems and APIs.

New features enhance the Genie experience on Microsoft Teams. Users can now restart Genie chats and view a descriptive stream of a Genie’s actions and decision processes, improving transparency and usability.

Key details:

• Restart Genie chats by typing “restart”; admins can add this as a prompt in the Genie Teams app. Step-by-step instructions for adding the restart command are available in the app configuration.
• Users can see a descriptive stream of Genie actions and reasoning during chats. The descriptive stream feature requires the latest version of Microsoft Teams.

Agent Studio now supports granular RBAC (Role-Based Access Control) settings for Conversation History and Test Mode. Admins can precisely control which roles have access to sensitive chat records and Genie test queries, helping protect personal and organizational data.

Key details:

• Configurable access to Conversation History, which may contain sensitive user or organizational information.
• Ability to limit access to Test Mode, which allows Builders to query Genies and retrieve data from connected Knowledge Bases.
• Existing customers’ permissions have been migrated; no action needed unless further customization is desired. New customers must manually grant access. By default, roles do not have access.

Updated RBAC settings are available on the Workspace Admin page under Collaborator Roles.

We've increased the maximum number of API keys allowed per client.

New Limit: You can now create up to 20 API keys per client (previously 10).

This update provides more flexibility for managing keys across different environments (Dev, Test, Prod) and supports better key rotation practices.