MSPercury docs
DE ES Back to app →

Roadmap

We commit to ship. Items under Now are actively in flight, usually landing within weeks. Next is designed and queued. Later is honest speculation — we think it’s important but reserve the right to change our minds.

Now (in flight)

  • Public Read API + API keys — workspace-scoped REST endpoints (/api/v1/customers, /quotes, /projects, /checkups, /usage/mrr …) with bearer-token auth. Unlocks Zapier / n8n / Make.com plus arbitrary custom scripts against MSPercury. Pro plan, generated under /settings/api. (Q3 2026)
  • Outbound webhooks — POST-based event delivery to MSP-owned endpoints for quote.accepted, lead.created, customer.updated, etc., with HMAC-SHA256 signatures, retry-backoff, test-fire button. (Q3 2026)
  • Native iOS app — Capacitor-based, offline IT Assessment wizard (IndexedDB), native camera with EXIF, Face ID unlock, push notifications. App Store submission imminent.

Next (planned)

  • Per-tenant DB snapshot + restore — operator-triggered point-in-time restore from the off-site backup chain. Q4 2026.
  • Cohort retention heatmap drill-down in superadmin — cohort cell → user list with activity score. Q3 2026.
  • AEO/GEO SEO push — structured FAQ pages per use-case (quoting, public IT Assessment, lead funnel) with Schema.org markup, optimised for AI search engines + Google SGE. Q3 2026.

Later (maybe)

  • Lexware Office connector — DACH SMB standard, native invoice creation via API. Once enough DACH MSPs are active and asking for it.
  • sevDesk connector — second-most-popular bookkeeping SaaS in DE.
  • Polar.sh connector — modern SaaS billing for creator-flavoured MSPs / agile consultancies.
  • DATEV interface — when an MSP’s customer has a tax advisor expecting DATEV data.
  • FastBill / Billbee / Faktura+ — based on demand signal from the Discord community.
  • Native Android wrapper.
  • Customer-side self-service portal (view quotes, download invoices, open tickets) — long-term.
  • Per-question conditional routing in the IT Assessment wizard (“if no MFA → ask which password manager”).
  • AI-driven RFP / scope document writing from a finalised IT Assessment.
  • Time-tracking integration with the existing service-report flow.

Already shipped

What’s running in production. Many security items below were originally targeted for Q3 2026 — they landed earlier. Dates indicate production release; per-day precision is in the changelog.

Pricing & billing (May 2026)

  • Free + Pro pricing model — Free tier for the first 100 workspaces as a permanent founding cohort, Pro at €49 / $49 / CA$65 monthly. Multi-currency switcher on pricing and billing pages, Stripe Checkout with correct VAT + EU reverse-charge.
  • Self-service Free-to-Pro upgrade — Free users click upgrade in the sidebar or on /billing → Stripe Checkout → Pro unlocked. Cancellation fallback to Free instead of lockout.
  • Stripe Customer Portal integration — Pro users see invoices, change payment method, cancel self-service.
  • Stripe direct-key integration (MSP-side billing) — the MSP pastes their own Stripe API key in /settings/integrations; MSPercury calls stripe.invoices.create() directly on the MSP’s account whenever a quote is accepted. Money flows MSP↔customer; MSPercury only sees the API response. No Stripe Connect, no platform markup, no escrow. Restricted keys (rk_*) scoped to Customers + Invoices recommended.
  • Plan gating on every Pro feature (service catalog, packages, lead management, marketplace, custom branding, advanced reporting, findings library editing) at page and action levels.

Cross-tenant partner network + marketplace (May 2026)

  • Phase-2 lead marketplace — rejected leads optionally published anonymised in cross-tenant marketplace, other MSPs can take over, identifying data only after both sides accept.
  • Partner profiles — specialty profiles per org (region, industries, technical skills, service models, capacity, bio), public partner directory at /partners, karma score based on connectivity + forwarding activity.
  • Lead forwards with double-opt-in — GDPR-compliant lead handover between partner MSPs with explicit lead consent.
  • Network inbox + sent at /network/* — inbound partnership requests, lead forwards, karma events.

AI features (April + May 2026)

  • Tier 1A — AI status update structurer — operator types a hectic field note, AI rewrites it into a customer-friendly post with auto-detected category.
  • Tier 1B — AI service report drafter — three buckets of bullets (what was done / notable / recommendations) → polished markdown report.
  • Tier 1C — AI auto milestone generator — describe the project goal, AI returns 3–7 ordered milestones with rough deadlines.
  • Tier 1D — AI quote thread reply drafter — reads recent thread, prefills the operator textarea with a polite on-tone draft; operator always reviews + sends manually.
  • Tier 1E — AI service-report → status-update bridge — automatic status-post suggestion the moment a service report is saved.
  • Tier 1F — AI lead outreach drafter — personalised first-contact email anchored on weakest IT Assessment categories, mailto- or copy-to-clipboard.
  • Tier 1G — AI quote draft from IT Assessment — 3–6 fitting services from the catalog plus executive summary, dropped straight into the standard draft-quote workflow.
  • AI executive summary for finalised IT Assessments — three detail tiers (brief / standard / detailed) with localised prompts.
  • AI auto-link findings to catalog — one click maps unlinked findings to the closest catalog entry using your service vocabulary.
  • AI tasks from IT Assessment — generates a kanban-ready project plan from finalised findings.
  • Per-tenant AI provider — bring your own Anthropic/OpenAI key, or point at a self-hosted Ollama / vLLM / LiteLLM with OpenAI-compatible /v1 contract. No token markup.

Lead-gen + marketing (May 2026)

  • Public IT Assessment without friction — lead types email + starts the 20 questions immediately, no PIN gate; anti-spam runs as IP- and email-rate limit + 20-question friction.
  • Self-assessment flow — even the email step is gone for plain self-assessments; email collected at submit alongside privacy consent.
  • Iframe embed at /check/{slug}/embed — full multi-step flow inside an external marketing page.
  • CSV bulk customer import at /customers/import — upload, header aliases auto-detected, dedup against existing + within file, per-row validation with error report.
  • First-touch UTM + referrer attribution — captured via signed cookie, written into every new lead, visible on lead-detail (channel pill).
  • Cross-tenant benchmark on the result page — anonymous comparison by industry + size, by industry alone, or globally, with hard minimum-sample threshold.
  • Multi-region SEO — hreflang for DE/AT/CH/ES/MX/US/CA, localised OG locales (de_DE, en_US, en_CA, es_ES, es_MX), region routing via ?lang=.
  • Marketing landing redesign — new 3-card hero composition (IT Assessment score / AI quote draft / customer portal), AI features section with BYOK emphasis, Discord community section.

Customer branding (May 2026)

  • MSP-branded PDFs — every customer-facing PDF (quote, agreement, IT Assessment, summary, prospect report) carries the workspace name + logo + brand color instead of MSPercury branding.
  • MSP-branded customer emails — wordmark + copyright in status updates, service reports, maintenance, quote replies, share-quote, portal invites, agreement send and prospect reports show the workspace name + legal name instead of MSPercury.

Workspace, quotes & IT Assessments (April + May 2026)

  • Sprint 4 dashboard — current MRR / pipeline / win-rate / ARR forecast KPI cards, 12-month MRR line chart with hover tooltips, conversion funnel, top-5 customers by MRR.
  • Manual MRR override per customer — for flat-fee deals and handshake arrangements.
  • Quote post-accept editing — live record + dashboard MRR adjustable; signed PDF stays frozen as audit reference.
  • Status stream + milestones — Twitter-style progress feed, linear pizza-tracker stages with optional ETA and customer-portal visibility.
  • Customer ↔ operator quote messaging — two-way email-bridged inbox per quote, unread badges, optional web push.
  • Web push notifications — VAPID-keyed, opt-in per event under /settings/notifications.
  • Agreement templates — workspace-wide library, DE/EN/ES, editable defaults + add custom.
  • Default hourly rate persisted on the workspace.
  • 3-step quote wizard — pick customer → pick project → build quote.
  • Multi-currency support — EUR / USD / GBP / AUD / CAD correct everywhere.
  • Package editor live preview — type hypothetical workstation/server/user counts and see package line quantities.
  • SVG logo support in branding.
  • Starter findings library — 43 pre-built finding templates across 7 categories in EN/DE/ES.
  • 30 default questions in all 7 categories in EN/DE/ES.
  • Setup wizard at /onboarding.
  • Postgres migration — moved from SQLite/libSQL to Hetzner-local Postgres 16, multi-tenant path opened for ~100-200 → 10k tenants.

Authentication & security (April 2026)

  • Verify-first signup — email PIN gate before account creation.
  • TOTP 2FA — setup at /settings/security with QR + 8 one-time backup codes.
  • Passkeys / WebAuthn — Face ID, Touch ID, Windows Hello, hardware keys.
  • Trusted devices (cookie) — opt-in 30-day 2FA bypass per browser, individually revocable.
  • Forgot-password flow + change password + change email + delete account (GDPR Art. 17) + export personal data (Art. 15).
  • Workspace-wide 2FA enforcement + active sessions + new device sign-in alerts + activity audit feed + rate limiting on every auth endpoint.
  • Support reset for lost 2FA — operator action with mandatory ticket reference + permanent audit trail.
  • GDPR consent on signup + cookie banner — separate ToS + privacy checkboxes.

Operations (April 2026)

  • Cross-tenant superadmin dashboard at /superadmin — tenants, users, funnel, cohorts (with retention heatmap), geo, feedback, invites, DPA, changelog, reports.
  • Auth-table garbage collector — daily systemd timer.
  • Committed SQL migration files + safe-migrate guard rail + independent code audit + open-redirect / email enumeration / session-rotation hardening.
  • Docs site at docs.mspercury.com in EN/DE/ES.
  • Production deploy automation — pull/build/migrate/restart with health check, nightly off-site backups, 30-day retention.
  • NinjaOne monitoring + patch-management agent on the EU VPS.
  • Feedback inbox at /feedback with auto-email to the operator.
  • Multi-language UI — every user-facing page in English, German, Spanish.
  • SSH on port 2222 — sshd off the standard :22, Hetzner edge filter permanently bypassed.
  • Discord community at https://discord.gg/nyc3Pa8FJM — exclusive to registered MSPercury workspaces, direct line to the developer.