BookYourPTO now integrates directly with QuickBooks Online, bringing your leave management, expense tracking, and time tracking into your accounting workflow. Available on Business and Enterprise plans.
- OAuth 2.0 Connection: Securely connect your QuickBooks Online company with a single click. Disconnect at any time — your QBO data is never modified without your explicit action.
- Employee Sync: Sync your employee directory between BookYourPTO and QuickBooks Online. Smart conflict detection compares records and highlights differences, so you always know what will change before it happens.
- Expense Report Push: When an expense report is approved, it can automatically be pushed to QuickBooks Online as a Bill. Vendors are auto-created for reimbursements, with duplicate name handling built in.
- Time Entry Push: Approved time entries are pushed to QuickBooks Online as TimeActivities, keeping your billable hours in sync with your accounting records.
- Chart of Accounts Mapping: Map your BookYourPTO expense categories to your QBO chart of accounts. Auto-map suggestions make initial setup quick — just review and confirm.
- Department & Client Mapping: Map your BookYourPTO departments, clients, and projects to their corresponding QBO entities for accurate cost allocation.
- Leave Liability Journal Entries: Generate and push leave liability journal entries to QBO, helping your finance team track accrued leave obligations.
- Sync History & Audit Trail: Every sync operation is logged with full audit history. Filter by sync type, status, and date range. Paginated history view keeps everything accessible.
- Scheduled Sync: A configurable cron-based sync keeps your data up to date automatically across all active connections.
- Settings UI: A dedicated QuickBooks settings section with a 7-panel sidebar covering connection status, employee mapping, account mapping, department mapping, sync history, leave liability, and payroll — fully mobile responsive.
The timesheets module has been completely redesigned. The old time board has been replaced with a modern calendar view that gives you a clear, visual overview of your team's tracked hours across the week or month. Navigate between days, weeks, and months with ease, and see at a glance who logged what and when.
Approved leave requests and public holidays now appear directly in your timesheets — no more switching between modules to understand why someone wasn't logging hours.
- Calendar view: A compact leave summary strip sits between day headers and the time grid, showing per-day leave pills. When 4 or more employees are on leave, it collapses to a clean "X on leave" summary with a hover tooltip listing everyone.
- Calendar view: Public holidays are highlighted with emerald-colored labels and subtle column tints, so holiday days are instantly recognizable.
- List view: Holiday badges appear on day cards, with an emerald banner for selected holidays and an amber leave summary showing employee name pills.
- Mobile view: Holiday dots appear on day tabs with a leave count in each day header.
- Top bar: New "on leave" and "holiday" summary stat chips give a quick snapshot.
- CSV export: Enhanced with a new Type column (Time Entry / Leave / Holiday), leave rows include portion info, a holiday column, and a per-employee summary section at the bottom of the export.
The scheduling interface has been overhauled with a fresh design. A new /user/:id detail page gives managers and admins a dedicated view for any team member, consolidating their schedule, leave history, and profile information in one place.
Leave types can now be marked as private, giving organizations control over which leave information is visible to other employees.
- When a leave type is marked private, other employees will see a gray "Private" label with an eye-off icon instead of the leave type name, reason, or notes.
- Role-based visibility: Employees see only their own leave details. Department heads see their own department. Admins and executives see everything.
- Annual Leave and Sick Leave default to private during onboarding.
- A new isPrivate toggle is available in the leave type create and edit forms.
- Leave balance badges are hidden from unauthorized viewers for private leave types.
Email digests now respect per-leave-type privacy settings. Private leave types are masked in digest emails using the same role-based rules as the dashboard — employees only see their own private leave details, department heads see their department, and admins/executives see all.
Daily digests are now smarter about when they send:
- Business day awareness: Digests skip non-business days based on your organization's configured business days (e.g., no digest on Saturday/Sunday if your org runs Mon–Fri).
- Holiday awareness: Digests are also skipped on public holidays specific to each user's assigned holiday calendar.
- Upcoming holidays: Daily digests now include an "Upcoming This Week" section with a green-highlighted list of public holidays in the next 7 days, so your team knows what's coming.
When admins add new users, the experience is now cleaner and more secure:
- New users receive a "Set Up Your Account" email with a secure 24-hour setup link instead of a temporary password.
- A new dedicated /setup-account page provides a streamlined onboarding experience — simpler than the standard password reset flow.
- The Add User modal no longer displays or copies passwords. The success state now shows a clear "setup email sent" confirmation.
- Password change and account setup flows now issue fresh session tokens automatically, so users don't need to log out and back in after completing setup.
Department heads can now edit leave allowance settings (custom allowance, carry forward, manual carry over) for members within their department, giving them more autonomy over day-to-day team management without needing to involve an admin.
When any expense report is submitted, all administrators and executives in the organization now receive an in-app notification — not just the assigned approver. This ensures visibility across leadership and prevents expense reports from getting stuck in a single approver's queue.
Dates of birth and start dates could appear one day off depending on the user's timezone (e.g., October 19 showing as October 18). This was caused by the browser interpreting UTC midnight dates in the local timezone. Dates are now displayed in UTC consistently for date-only fields, so the displayed date always matches what was entered.
Department heads and managers were seeing their own expense claims in the approvals list, inflating pending counts and creating confusion. Their own claims are now excluded from the approvals view — they'll only see claims from team members they can actually approve.
The pending approvals badge count on the expenses page was computed from the general expense list, which for department heads included their own pending claims. The count is now derived from the dedicated approvals endpoint with proper role-based scoping.
Non-owners could see edit and delete controls on draft expense reports. These controls are now properly gated behind submitter or admin role checks.
The user dropdown on the expense reports page now correctly scopes to department members for department heads, instead of showing all organization users.
PNG file uploads were failing on Windows because certain browsers report an empty MIME type for PNG files. The upload flow now falls back to file extension detection on the client, and the server uses magic byte detection to confirm the actual file format regardless of what the browser reports.
After uploading a new avatar, the old image would persist until a page refresh. The avatar component now properly invalidates its cache after upload, and all instances across the page refresh immediately with the new image.
Avatars were failing to load in various components because they were using raw storage keys as URLs instead of the authenticated API endpoint. All 18 components that render avatars now use the authenticated fetch path, with a shared blob URL cache to avoid redundant network requests.
Expense cards and table rows were rendering broken avatar images. These now use the standard UserAvatar component with proper authenticated loading.
Users were experiencing a frustrating bug where parts of the app would get stuck on infinite loading spinners, requiring a manual page refresh (sometimes twice) to recover. This happened randomly across the entire app — dashboard, settings, documents, time tracking, everywhere.
What was happening: When multiple API requests fired simultaneously with an expired authentication token, the first request would successfully refresh the token, but late-arriving responses from other requests would trigger redundant refresh attempts. This cascade left some requests unresolved, causing permanent loading states.
What changed: The app now detects when a token has already been refreshed by another concurrent request and skips unnecessary refresh attempts. All pending requests silently retry with the new token. Additionally, authentication headers are now managed in a single place, ensuring retries always use the freshest token.
Impact: Pages now load completely and reliably every time. Users can leave the app open, come back after their session token expires, and their next action works seamlessly — no more random loading freezes.
The leave request modal's "Takes X days" preview was counting raw calendar days instead of business days. It now uses your organization's configured business days, timezone, and public holiday calendar to give an accurate count. This also fixes an issue where holidays could shift to the wrong day in western timezones due to UTC date conversion.
After completing two-factor authentication setup, all API calls would fail because the session still carried outdated authentication state. Users had to log out and log back in to get a working session. The system now issues a fresh session immediately after 2FA setup completes.
The user management page was showing all organization users to department heads instead of only their department members. Additionally, action buttons (edit, etc.) weren't appearing even when the department head had permission. Both the filtering and permission checks now work correctly.
Long email addresses were getting cut off in the user table. The email column has been widened, and a native hover tooltip now reveals the full address. The Add User modal success summary also now shows the full email without overlapping adjacent fields.
Weekly digest emails were showing redundant duration information for leave entries that span multiple days. The weekly view now shows the employee name and pending status badge only, since the same leave naturally repeats across multiple days in the weekly layout.
Digest date range calculations were using UTC midnight instead of the organization's configured timezone, which could cause off-by-one errors in which leaves appeared in a given digest. Date calculations now consistently use the organization's timezone.
The settings page could fail to load in certain scenarios after completing 2FA setup due to a route matching issue. The route matcher now correctly handles both the settings root and all sub-routes.
Settings navigation items would briefly flash lock icons on page load before the subscription data finished loading. The feature-locked check is now deferred until the subscription data is available, eliminating the visual flicker.
The time tracking settings and expense settings pages were capturing authentication tokens at call time instead of using the app's automatic token injection. This meant that after a token refresh, these pages would retry with the old expired token. They now use the standard automatic authentication flow.
For questions or feedback about this release, contact support@anhourtec.com.