Download  PNG

Light
Dark

Download  SVG

Light
Dark
Download all assets
Log in
Book a demo
burger menu iconburger menu icon_close
Product
Changelog
Apr 16, 2026
Team-scoped heartbeats.

Team-scoped heartbeats.

Solutions
How Motive achieves 99.99% reliability with Rootly.
How Upstart uses Rootly to create an incident response system that grows with them.
How Achievers productized reliability on Microsoft Teams with Rootly AI.
How ROLLER scales globally while keeping a lean SRE team.
How Momentum minimizes the number of engineers on-call with Rootly AI.
How Clay uses Rootly to streamline incident management.
How Webflow uses Rootly to build a proactive reliability culture.
How Wealthsimple uses Rootly to create a culture of wellness and psychological safety for incident commanders.
How Lucidworks uses Rootly to create bespoke incident management for their distinct product offering.
How Rootly helps Replit make better business decisions after incidents.
KnowBe4 turns Incident Response into a repeatable, predictable system with Rootly.
Customers
Resources
Latest Blog
Apr 10, 2026
Turning your incident data into a knowledge graph

Turning your incident data into a knowledge graph

Pricing
Log in
Book a demo
Changelog

April 16, 2026

Team-scoped heartbeats.

Team-scoped heartbeats.

Heartbeat monitors are now team-scoped. Teams can own their heartbeats, and access is controlled by the same RBAC configuration that governs the rest of Rootly On-Call—so a team member from one group can no longer view or modify another team’s monitors.

Why it matters

In multi-team environments, RBAC boundaries are what allow different engineering groups to operate independently without stepping on each other. Heartbeats were the last On-Call feature that didn’t respect those boundaries—any user with edit permissions could touch any team’s monitors, regardless of their role.

For enterprise customers running strict access-control configurations, this was a meaningful gap:

  • Teams couldn’t trust that their heartbeat configuration was protected from modification by other groups
  • Admins had no way to delegate heartbeat ownership to a specific team without exposing org-wide access
  • It created friction during security reviews, where full RBAC isolation is often a hard requirement

How it works

When creating or editing a heartbeat, team admins can now assign an owning team. Access to that heartbeat—read, write, and delete—is then governed by the user’s On-Call role permissions for that team, consistent with how alerts, schedules, escalation policies, and alert sources already behave.

Getting started

No migration required. Existing heartbeats can be assigned to a team from the heartbeat settings page. New heartbeats created by team admins will default to their team as the owner.

Check out the docs to learn more.

What else shipped

Improvements

On-Call

  • Paging notifications for alerts now include the functionality name when a functionality is the paging target, giving responders more context directly in the notification.
  • Slack alert blocks have been redesigned with a cleaner layout, updated icons, and a dedicated paging section that now sits above the alert description—so responders immediately see what they need to act on.
  • Alert sources now appear in the organization audit log, providing a full record of when alert sources are created, updated, or deleted.
  • When a service, team, or functionality has no escalation policy attached, a direct link to add one now appears in the paging UI.
  • Schedule rotation start times now correctly account for daylight saving time transitions, preventing shifts from running an hour late after clocks change.

Incident Response

  • Retrospective export errors now display specific, actionable messages instead of a generic failure notice, making it easier to identify and resolve configuration issues.
  • Adding or removing users from a schedule rotation now preserves the current on-call shift instead of recalculating from the current timestamp.
API

On-Call

  • Alert status changes made via PATCH /v1/alerts/:id are now reflected in the alert timeline and correctly stop paging when an alert is resolved through the API.
  • Team API keys can now read, create, update, and delete alert routing rules owned by that team.
  • Escalation policies created via the API now correctly inherit the organization's default timezone when no timezone is specified on working hours.
MCP Server
  • A new list_incidents tool is now available, with enhanced filtering options and clearer time parameter naming for more precise incident queries.
  • Workflow task management is now available on the default MCP surface—AI agents can create, list, retrieve, and update workflow tasks directly. Delete remains disabled by default.
  • HTTP streamable transport support has been improved, with better handling of POST requests and reduced transport ambiguity for more reliable connections.
Fixes

On-Call

  • Grouped alerts now auto-resolve their child alerts when the group leader is resolved.
  • Bulk acknowledge and resolve operations now handle 404 errors gracefully instead of failing silently.
  • Schedule rotation start and end times now save correctly regardless of which day of the week is selected.
  • Test notifications sent from the web UI are now delivered as critical notifications on Android devices.

Incident Response

  • Retrospective exports to SharePoint now complete successfully.
  • Retrospective exports to Dropbox now update existing documents correctly when re-exporting.
  • Retrospective images now export correctly to Notion and Google Docs.
  • Closing the export dialog before the progress bar completes no longer causes the export session to show the document as missing.

Previous changelogs

Keep Rootly in sync with Google Workspace.

January 16

Automatically sync incident fields from Catalog data.

January 16

AWS EventBridge x Rootly Integration

January 16

You and your teams deserve
modern incident management.

Get a 1:1 demo with one of our technical staff or start your free 14-day trial.

©Rootly 2026. All rights reserved.
Privacy policy
·
Terms of use