Account, Org, and User Management

The Huntress Management Console supports SAML SSO but doesn't support SCIM provisioning, and the gap between those two things is causing a lot of unnecessary pain for anyone running Entra ID as their IdP. Even with SAML enabled, every new user has to be created manually in the Huntress portal and then accept an email invitation before they can log in. SAML authenticates the account, but it doesn't create it, and there's no JIT provisioning path. That means there's also no real lifecycle integration — when someone leaves and gets disabled in Entra, nothing happens on the Huntress side until an admin remembers to clean it up. For a security product, "we'll get around to it" deprovisioning isn't a great default. It's also worth pointing out that the SAT module already supports SCIM, with a documented Entra setup. So the capability clearly exists inside Huntress; it just hasn't been extended to the Management Console, which is the part most partners spend the most time in. The mandatory invite-email step is also a problem in any environment that follows Microsoft's own guidance to keep privileged identities mailbox-free. If privileged accounts don't have mailboxes — which is a recommended hardening pattern — there's no way to receive or accept a Huntress invite with those accounts. The only workaround is to assign a mailbox to an account that shouldn't have one, which chips away at the very posture Huntress is supposed to help defend, just to get a user onboarded. What we'd like to see is native SCIM 2.0 support for the Management Console, with Entra ID configuration documented to the same standard as SAT. Concretely: Automatic provisioning when a user is added to a designated Entra group Automatic deprovisioning when they're removed from the group, disabled, or deleted in Entra Group-to-role mapping, or at minimum group-based assignment to the existing Huntress roles (Admin, Security Engineer, User, Read-Only, etc.) No email invitation step for SCIM-provisioned users First-class SCIM integration with the IdP partners are paying Huntress to help secure should be a baseline expectation at this point, not a feature gap people have to engineer around.

I would like the ability for organization-level users to receive their own alert emails for self-management. Currently, adding an email to the alert list means they receive alerts for every account, which is not ideal. It would be beneficial to have a feature that allows specific users within an organization to manage their own alerts independently.

I would like to see the ability to subscribe to the boards in this feedback forum, so I can see what new discussions or topics are being posted. This would provide a quicker way to see new topics that may affect us and we would like to upvote or comment on. In feedback forums for other tools, I am able to set up notifications/following specific posts, or the entire category (board).

Examples of different roles that would aid in "least privileges" to comply with audits: Sales & Billing roles, master Account Admin, tech admins that can work on client administration, etc.

Org level admin - respond to escalations - my client knows best where their users should be or shouldn't be - I would like them to be able to respond to the escalations - and select the Unauthroised / authorised

We would like to see the addition of FIDO security key support as a multi-factor authentication (MFA) option for logging into the Huntress tenant. As organizations increasingly adopt phishing-resistant authentication methods, FIDO2/WebAuthn has become a critical standard for securing access to sensitive systems. Why this feature matters: FIDO keys provide strong, hardware-based authentication, reducing the risk of credential phishing and account compromise. Many compliance frameworks (e.g., NIST 800-63, CISA Zero Trust guidance) recommend or require phishing-resistant MFA. Offering FIDO key support would align Huntress with modern security best practices and customer expectations. Benefits for Huntress and its customers: Enhanced security posture for administrators and partners. Improved compliance with industry regulations. Seamless integration for organizations already using FIDO keys across their environments. We believe this feature would significantly strengthen the security and usability of the Huntress platform.

This 60 minute portal timeout is frustrating. Can you get that changed to allow a longer timeout window.

Currently, the billing contact receives both the invoice billing information and the billing detail report (usage breakdown). It would be nice to be able to control which emails they receive or have an option to disable the usage report.

It would be great, to have the possibility to have a full Branding-Possibility as an MSSP. That means: Logo on Plattform Full Branded Reports Custom URL Name of Agent As an MSSP, this is important for as, as we want to push our own Brand. For Huntress this is not a disadvantage, as we could push our Services even more and have some advantages over competitors. It's not that great for us, to let our competitors see, with what for partners we build our services. We have already decided to not install Huntress on some special customers and using another SOC where we have this possibility, just because of this. In other cases we build a Webplattform-Overview, where we put all informations, which are important for an enduser, by API. So that the customer see whats going on, without having to know, that there is huntress in the background. But as we love Huntress, we really would love to have this possibility as a native option in huntress. By the way: even to have an agent on steroids would be great. If the agent (when rebranded) can be set viewable, so that the customer allways see it (as example in the tasklist) and has the possibility to send a message to us over it in case of a security question, would make the whole thing even more integrated. And for the customer: it doens't pay for something he just has to trust, that we're doing something for him, but he has the chance to involve himself with that, that would be a great option in my eyes... Just like you can do it with NinjaRMM, to make an example.

Allow Passkeys for Huntress Dashboard logins rather than just SAT