Join Waitlist

Changelog

What we're shipping

We're building Codara in the open. Every milestone below is real work that landed in the repo — not a roadmap, not a promise.

Updated 18 May 2026
  1. Auth

    Sign-in flow polished end to end

    • Sign-in form: inline error messages, accessible labelling, and password-manager-friendly autofill.
    • Tenant-aware sign-in: you can only sign in on the URL of your own organisation. Wrong tenant gets the same generic message as a wrong password — no information leak.
    • Password reset flows end to end via an emailed link. Links expire after 30 minutes and are validated before you ever type a new password.
    • Registration lets you pick your organisation URL up front. Reserved slugs are blocked; taken slugs surface a clean inline error.
  2. Platform

    Onboarding redesign + project type selector

    • Onboarding flow redesigned.
    • Project type selector on /projects/new so the right defaults follow from what a team is building.
  3. Design

    Transactional emails live and on-brand

    • Codara now sends transactional emails — sign-up verification, password reset, invitations — with retries and an audit trail.
    • Email templates redesigned to match the in-product look so the journey from inbox to app feels like one product.
  4. DesignPlatform

    Design system v1; Figma and code share one source of truth

    • Every colour, typography size, motion curve, spacing step, radius, elevation, and breakpoint is now a named token used consistently across the product.
    • Designers and engineers work from the same tokens — changes flow from Figma to the product without translation.
    • Codara logo lands across the app, marketing surfaces, favicons, and transactional emails.
  5. Platform

    The planning surface comes online

    • Navigation shell, organisation dashboard, and project list.
    • Full initiative, epic, and story surfaces — listing, detail, creation, and decomposition review.
    • Configurable issue types, custom fields, workflow editor, and automation rules.
    • Search results and a CQL (Codara Query Language) builder with saved views.
    • Onboarding flow and invitation acceptance.
  6. AuthPlatform

    Admin surfaces and MFA at sign-in

    • Account settings: profile, security, and privacy tabs.
    • Admin surfaces: members, invitations, teams, SSO configuration, SCIM provisioning, IP allowlist.
    • Audit log viewer for security-relevant events.
    • Sign-in supports authenticator-app codes (TOTP) with backup-code fallback.
  7. Auth

    Enterprise sign-in: SAML, SCIM, fine-grained access

    • SAML single sign-on, configured per organisation.
    • SCIM user and group provisioning so identity changes in your IdP propagate to Codara.
    • Map IdP groups to Codara roles and teams.
    • Fine-grained access control to gate actions on individual resources.
  8. Auth

    Registration, password recovery, MFA enrolment

    • Self-serve registration with email and password.
    • Email verification before an account becomes active.
    • Forgot- and reset-password flow with single-use links.
    • Enrol an authenticator app or SMS device for MFA, plus printable backup codes.
    • Custom roles for organisations that need to go beyond the built-in roles.
  9. InfraAuth

    Foundation: multi-tenant isolation

    • Every organisation's data lives behind hard isolation at the data layer — not just an application-level filter.
    • Authentication and session model with reuse detection: if a stolen session token is replayed, the family of tokens it belongs to is invalidated.
    • Rate-limited public surfaces from day one.

Want a notification when we ship? Join the waitlist — we email subscribers when meaningful milestones land.