Skip to main content

Settings, audit log & notifications

The Settings page is the home for everything that isn't a project, a customer, or a ticket — profile, security, org configuration, notification preferences, and the audit log.

Profile

The first tab on the Settings page shows your own profile. You can edit:

  • Display name — shown in comments, the sidebar avatar, and the team list.
  • Email — used for invitations, notifications, and account recovery. Changing your email triggers a verification message to the new address; the change is not committed until the link in the email is clicked.
  • Company — free text, shown next to your name in team lists.
  • Phone — optional, shown in the team drawer only.
  • KNX role — a free-form categorisation (integrator, owner, service, technician) used by the catalog and marketplace for filtering. Independent of your memberRole in a specific org.
Settings Profile tab showing display name, email, company, phone, and KNX role fields, each with a pencil icon to edit inline and a Save button.

Security

The Security tab is where you:

  • Change your password — requires the old password and a new one that meets the public beta policy (≥12 chars, upper, lower, numeric, symbol).
  • Enable MFA — scan a TOTP QR code with an authenticator app (1Password, Authy, Aegis). The beta supports TOTP only; SMS is deliberately excluded.
  • Sign out everywhere — invalidates every active session on every device. Use this if you suspect a credential leak.
Enable MFA before go-live

We'll make MFA mandatory for admin member roles after the public beta; enabling it now saves you the scramble later.

Organisation

The Organisation tab is visible only to admin members. From here you can edit:

  • Organisation name
  • Description
  • Default language (used in outbound emails like invitations)
  • Logo (optional, 512×512 PNG)

You can also leave the organisation (for non-owner admins) or transfer ownership to another admin.

Notifications

The Notifications tab controls what events fire a notification for your user. It is a matrix of event × channel:

EventIn-appEmail
You're assigned a service case
A case you watch changes status
Someone @mentions you in a comment
You're invited to a new organisation
An ETS upload you triggered finishes
A transfer involving your org changes

Every row can be toggled independently. Unchecking a row takes effect immediately for new events; existing notifications are not rewritten.

In-app notifications appear on the Notifications page (sidebar, bell icon). Unread notifications are bolded and counted in the sidebar badge; click a notification to mark it read and jump to the referenced object.

Settings Notifications tab showing a table of notification event types with two columns of toggle switches labelled In-app and Email.

Audit log

The Audit log page (also reachable from the sidebar as its own top-level entry) is a tamper-evident append-only log of every administrative action taken in your organisation. It is visible to admin members only.

Entries are generated for:

  • Member add, remove, role change
  • Project create, status change, delete
  • Customer invite, revoke
  • Transfer initiate, accept, decline
  • API key create and delete
  • Settings changes that affect the org
Audit log page showing a filter bar with date range, actor, and action type, plus a table with columns Timestamp, Actor, Action, Target, and Details.

You can filter by:

  • Date range
  • Actor (member)
  • Action type
  • Target entity

Export filtered results to CSV via the Export button in the top-right. Audit entries are retained for 365 days in the public beta; older entries are pruned on a nightly cron.

What isn't in the audit log

Data plane actions — creating a service case, uploading an ETS file, editing a device — are not in the audit log today. Those fall into the projectActivities feed on the dashboard and the project's Activity tab. The audit log is control-plane only: who has access, who is in the team, and what moves between orgs.

Data export and account deletion

Under Settings → Privacy you can:

  • Request a data export — downloads every row associated with your user (profile, memberships, authored comments, AI chat history) as a zip of JSON files. Available within minutes for small accounts; larger accounts are queued and the download link is emailed.
  • Delete your account — permanently removes your Cognito user, your users row, and every child record. Projects and org data you created remain with the organisation (otherwise deleting one admin would orphan the whole org). You will be signed out immediately.

Both are required for GDPR Articles 15 and 17 and are available to every user, not just admins.

Support and feedback

Under Settings → Support the footer shows:

  • A link to this documentation site
  • A link to the changelog (once released)
  • A link to the in-app feedback form (also reachable from the "BETA" banner at the top of the screen)
  • A link to security disclosure for responsible reporting of security findings