Settings Reference
The Settings page is organized into tabs grouped by function. This reference covers every configurable option.
Profile Tab
Personal settings for your user account.
| Setting | Description |
|---|---|
| Name | Your display name. Shown in team lists, incident notes, and audit logs. If you are the workspace owner, this is synced to your Stripe customer profile. |
Workspace Tab
Workspace-wide settings. Requires the Admin role.
| Setting | Description |
|---|---|
| Workspace Name | The name of your workspace. Shown in the sidebar and synced to Stripe. |
| Timezone | Controls how timestamps are displayed in reports and the dashboard. Options include UTC, US timezones, European timezones, Asia/Pacific, and more. |
| Preferred Firewall | The firewall system used for generating mitigation rules. Options: iptables, nftables, ufw, firewalld, pf, ipfw, csf, shorewall, MikroTik, VyOS, JunOS, Cisco. |
| Correlation Alert Mode | How correlated multi-node attacks are alerted. Grouped: one alert for the group. Individual: separate alerts per incident. |
| Auto-Resolve Minutes | How long before active incidents are auto-resolved if traffic normalizes. Options: 0 (disabled), 5, 10, 15 (default), 30, 60 minutes. |
| Min Alert Severity | The minimum severity level that triggers alerts. Set to "Medium" to suppress Low severity notifications. Options: Low (default), Medium, High, Critical. |
| Report Frequency | Automated report delivery schedule. Options: Weekly, Monthly, Both (default), None. |
IP Allowlist for Dashboard Access
The workspace Owner can restrict dashboard access to specific IP addresses or CIDR ranges. Enter one IP or CIDR per line. Both IPv4 and IPv6 are supported.
Deploy Token
Generate or revoke a deploy token for automated node provisioning via the POST /api/deploy endpoint. The token is a 64-character hex string. Only one deploy token exists per workspace. Generating a new one replaces the old one.
ISP Abuse Auto-Notification
When enabled, Flowtriq can automatically send abuse reports to upstream ISPs for attacks that meet minimum severity, PPS, and BPS thresholds.
Service Port Defaults
Set workspace-wide defaults for service port detection. These settings are applied to new nodes when they are created. See the Service Port Detection guide for details.
Security Tab
Authentication and security settings.
| Setting | Description |
|---|---|
| Change Password | Update your password. Requires your current password and a new password of at least 8 characters. Passwords are hashed with bcrypt (cost=12). |
| Login Alerts | When enabled, you receive an email notification each time someone logs into your account. Useful for detecting unauthorized access. |
API Tab
Manage API tokens for programmatic access. Requires the Admin role.
Generating an API Token
- Go to Settings → API.
- Enter a Token Name (e.g., "CI/CD Pipeline" or "Monitoring Script").
- Click Generate Token.
- The token is displayed once. Copy it immediately. It starts with
ft_followed by 64 hex characters.
Revoking a Token
Click Revoke next to any active token. Revoked tokens are immediately invalidated and cannot be used for authentication.
Token Details
Each token entry shows:
- Token name
- Prefix (first 10 characters, e.g.,
ft_a3b2c1...) - Created timestamp
- Last used timestamp (updated on each API call)
Account Tab
Account-level settings and dangerous operations.
Change Email
Update your login email address. Requires your current password for verification. If you are the workspace owner, the email change is synced to Stripe.
Notification Preferences
| Setting | Description |
|---|---|
| Email Digest | How email notifications are batched. Options: Instant (every event), Hourly, Daily. |
| Mute Low Severity | Suppress notifications for Low severity incidents. |
| Mute Medium Severity | Suppress notifications for Medium severity incidents. |
| Mute Attack Updates | Suppress notifications for attack status updates (peak changes, etc.). |
| Quiet Hours | Set a start and end time (HH:MM) during which notifications are suppressed. |
Export Data
Download a JSON export of all your workspace data, including user profile, incidents, nodes, audit log (last 1,000 entries), and notification log (last 1,000 entries).
Delete Account
Permanently delete your user account. Type DELETE to confirm, then enter your password. If you are the only member of a workspace, the entire workspace and all its data are deleted. If other members exist, you are removed and they retain access.
Delete Workspace
Workspace owners can delete the entire workspace. This requires typing the exact workspace name and entering your password. All members are emailed a notification. All workspace data (nodes, incidents, channels, integrations, etc.) is permanently deleted.