Roadmap
What we've built, what we're building, and where we're headed. All dates are estimates and subject to change.
Completed
- ✓Multi-tenant architecture with per-tenant isolation
- ✓SAML 2.0 + OIDC + OAuth 2.1 enterprise SSO
- ✓MFA: TOTP, SMS, Email, WebAuthn/FIDO2/Passkey
- ✓Adaptive MFA — risk-based 7-signal authentication
- ✓NHI (Non-Human Identity) — Agent/Robot/Device lifecycle
- ✓RBAC + ABAC + ReBAC + PIM authorization models
- ✓Merkle hash chain audit with GDPR DSAR automation
- ✓15 compliance frameworks (GDPR/SOX/PCI/HIPAA/ISO/Dengbao)
- ✓National Cryptography: SM2/SM3/SM4, Ed25519
- ✓1,400+ REST API endpoints across 24 microservices
- ✓30+ SDK packages (React, Vue, Next.js, Node.js, MiniApp, RN)
- ✓Webhook event system with 600+ event types
- ✓gRPC service mesh for internal communication
- ✓Password transmission encryption (ECDH/RSA/hash/plain)
- ✓Field-level AES-256-GCM encryption with key rotation
- ✓IPv6 dual-stack support for identity APIs
2026 Q3
- →Autional Cloud public beta
- →Admin Console redesign
- →React SDK v1.0 stable
- →Bolt.new and Lovable.dev AI tool templates
2026 Q4
- →Vue and Next.js SDKs
- →SOC 2 Type II audit
- →Multi-region cloud deployment
- →Enterprise audit archive
2027 H1
- →Go and Python SDKs
- →AI Agent Native authentication (NHI)
- →WebAuthn passkey pass-through
- →Kuberentes operator for automated deployment