Feature ideas

Currently, when DETAILED_LOGGING=true , the Port Agent logs sensitive secrets in cleartext if they are injected into self-service actions using {{ .secrets.* }} . For example, an Authorization header containing a bearer token is rendered directly into the container logs in plaintext. The current workaround is to set DETAILED_LOGGING=false , which prevents the exposure of secrets but also removes valuable troubleshooting and observability data. Customers should not have to choose between secure logging and detailed operational visibility. Even with detailed logging enabled, sensitive values such as Authorization headers, API keys, tokens, passwords, and any values originating from {{ .secrets.* }} should automatically be redacted or obfuscated before being written to logs. We would like to request a feature enhancement that introduces automatic secret masking/redaction within Port Agent logs. For example, values could appear as [REDACTED] or ****** while still preserving request structure, metadata, and debugging context. This would improve security, help meet compliance requirements, and allow customers to safely keep detailed logging enabled without risking credential exposure.

We want to connect to an existing MCP server that supports "Client credentials" . It is hosted in AWS agentcore and we need port to support "Client credentials" to connect to the MCP server.

A protected app pointing to portal.azure.com using Microsoft Entra authentication is not currently supported in the iframe widget. Entra requires the client_secret param be passed, but this is not configurable in the iframe. Request is for support to be added for a secure way to achieve this auth flow without having to pass client_secret param.

To extend support for additional AWS resource types in the Port-hosted AWS integration, for DynamoDB Tables, Secrets Manager Secrets, Backup Vaults, Route53 Hosted Zones, VPCs, and Subnets. These resources are currently only available via the self-hosted AWS exporter. Adding support for them in AWS port hosted would be beneficial.

Add support for a dedicated native Base64 encoding function within SSAs. If your backend uses Basic Auth, base64 encoding username:PAT (or :PAT) is the correct approach, and right now you have to do so outside of Port.

When we use port CLI, the only way to select a partial list of skills to load to a tool (Cursor, Claude Code, etc). We want to have the ability to add a new skill to a tool without the need to reselect the entire list of skills that were previuosly selected. This should be in a new skills add command in port cli. We would also want to add a skills select command that will only allow us to select the list which will be sent to the tool.

We want to add support for installing the skills from port CLI in VSCode It supports the same hooks as Cursor which you already support so I think this should not be a big effort.

Today by default when installing an integration we see 3 properties: title, created at, updated at. This requires the end user to spend time for every single integration to show/view the required properties. Integrations should come with a default best practice view to reduce this manual time

The native GitLab integration in Port does not currently expose the duration field for pipeline entities. We'd like this field to be supported natively. The current pipeline kind mapping fetches data from the GitLab list pipelines endpoint (/api/v4/projects/:id/pipelines), which returns fields such as status , created_at , updated_at , and web_url . However, the duration field is only available on the individual pipeline detail endpoint ( /api/v4/projects/:id/pipelines/:pipeline_id ). What we need: For each pipeline fetched during resync, we'd like Port to also retrieve the detailed pipeline record so that the duration field is available for mapping.

When looking into the raw data explorer, we are currently unable to know if the data is coming from a resync or from a live event. knowing this will allow us to get to the live events quicker using a filter or filter out live events as needed.