# Release Notes: 2026-01-22 ### Access Security #### Enhancements * **Risk and Rules Email Templates**: Administrators can now create and customize email notification templates for Risks and Alert Rules directly from the System Settings page in the "Custom Templates" section. * **Editing Entity Owners**: Users can now add and remove entity owners directly from the Separation of Duties and Separation of Duties Details pages via a side slideout. Click on any existing owner in the table to open the slideout, then search for new owners to add or remove existing owners. * **Query Descriptions in Exports**: Exported reports now include a natural language summary for SOD queries. * **OOTB Query Risk Profiles (Early Access)**: Risk Profiles can now be changed for Veza-created out-of-the-box queries. * **Risk Profile Bulk Update (Early Access)**: Users can now select multiple risks from the Risks table and assign a risk profile to all of them at once, with real-time progress tracking showing the percentage of updates completed. System-created queries are automatically filtered out and cannot be modified, with a helper message indicating how many queries will be skipped during the bulk update operation. #### Bug Fixes * Scheduled CSV export now correctly sends an email notification. * Added filtering to the bulk "Manage Exceptions" dialog to filter by "Exception" and "Risk". ### Access Reviews #### Enhancements * **Movable Reviewer Column**: Users can now drag and reposition columns in the Access Reviews table (including the "Reviewer" column), to customize the view and improve workflow efficiency. * **Reviews UI Improvements**: Due dates on the Reviews page now use color coding (red for items due within a week, yellow for those within 15 days). Column ordering is adjusted to surface due dates and remaining work earlier in the table. * **Access Review Cancellation Logging**: Veza now emits an `AccessReviewDeleted` event when an Access Review is canceled. #### Bug Fixes * Fixed an issue where reviews configured with the "Unanimous Rejection" decision model did not properly complete when all second-level reviewers rejected an item. * Fixed an issue where webhook actions sent incorrect tokens during access review operations. * Fixed an issue where the Assign Reviewers dropdown menu could clear unexpectedly. ### Access Visibility #### Enhancements * **NHI Security Accounts Performance**: Improved initial load performance for the NHI Security Accounts tab. * **Time Machine UX**: Query Builder now features a new UX for selecting Time Machine snapshots. * **Query Builder Terminology**: Renamed "Waypoint Entity" to "Relationship" in Query Builder to align with Access Reviews terminology. #### Bug Fixes * Fixed an issue preventing filtering on Relates To entities when the source entities are of the same type. ### Lifecycle Management #### Enhancements * **Lifecycle Management REST Actions No Auth Support**: Administrators can now configure Custom REST API Actions to use no authentication when connecting to endpoints that do not require credentials, such as internal services or pre-authenticated URLs. * **Active Directory Account Control Flags**: When provisioning Active Directory users through Lifecycle Management, administrators can now specify userAccountControl flags such as `NORMAL_ACCOUNT`, `DONT_EXPIRE_PASSWORD`, or `SMARTCARD_REQUIRED` to configure account security settings during user creation. * **Monitor Access Request API**: The `any_changes` field is now included in Monitor Access Request API responses, making it easier to determine whether any changes were processed. * **Access Profile API Default Version**: When retrieving Access Profiles via the API without specifying a version, Veza now returns the published version by default rather than requiring an explicit version number. * **EAC-56097 Skip Workflows on Secondary Identity Source Extraction**: Administrators can now configure Additional Identity Sources to skip workflow execution when extractions occur. This provides greater control over extraction timing, allowing identity attributes to be updated without triggering provisioning or deprovisioning workflows. #### Bug Fixes * Fixed an issue where successful "Disable User" operations were incorrectly shown as failed in the Veza UI. ### Veza Integrations #### Enhancements * **Azure AI Foundry**: The Azure integration now discovers Azure AI Foundry resources and RBAC permissions, including AI agents, projects, model deployments, vector stores, and guardrails. Agent identities are correlated to Azure AD managed identities. Requires "Cognitive Services User" role (or Reader role with `Microsoft.CognitiveServices/*/read` permissions) on subscriptions containing AI Foundry resources. * **CSV Upload**: CSV integrations now feature an "Upload CSV" shortcut directly on the Integration page for faster data uploads. * **Kubernetes**: The integration now supports AWS China and GovCloud EKS cluster ARNs. * **GitLab**: The integration now caches user details to reduce API calls during extraction. Administrators can optionally skip user details collection for faster extractions (this will omit Email, IsAdmin, LastLoginAt, and Identity Type attributes). #### Bug Fixes * Fixed an issue where PingOne extractions could fail due to expired tokens during extraction. * Fixed the PostgreSQL user role membership query. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/release-notes/release-notes/2026-01-22.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.