Account

Edit your name and avatar at /app/settings/profile. Your name shows up next to messages, audit log entries, and document authorship across the workspace, so make it the version your colleagues will recognize.

You can change the email address on your account, but the new address has to be verified the same way as sign-up — we send a verification link and your old address stays active until you click it.

Change your password from /app/settings/profile or via the public /forgot-password flow if you’re locked out. Passwords are stored as salted hashes (handled by Better Auth) — even our database admins can’t read them.

If your workspace owner enabled magic-link sign-in, you can choose to sign in via a one-time email link instead of a password — useful if you’d rather not maintain a long workspace-specific password.

Owners and Admins manage seats at /app/settings/members — invite by email, change a member’s role (Owner / Admin / Manager / Member / Viewer), or revoke access. Each seat has a role that controls what they can see and do across modules; finer-grained per-module overrides are queued.

If your workspace has an "allowed email domains" list, invitations to addresses outside those domains are rejected before the email is sent. Set or clear the list at Settings → Workspace.

The workspace audit log lives at /app/settings/audit. Every administrative action — invite sent, role changed, document deleted, leave approved, board archived — lands here with the actor, the IP address, the user agent, and a clickable link to the affected record.

The log is read-only for everyone (including Owners) — entries can’t be edited or deleted from the UI. Useful for compliance reviews and the occasional "who did what last week".

See active sessions on your account from /app/settings/profile → "Active sessions". Each session shows the device, browser, last-used time, and rough location (derived from IP). Sign out a session you don’t recognize and the device is force-logged-out within seconds.

Sessions expire automatically after 30 days of inactivity. Signing out from one device doesn’t affect your other sessions; signing out "everywhere" terminates all sessions at once.