Explore the user menu | Fluid Attacks Help

Explore the user menu

Attention users: Our platform is getting a fresh new look! Soon, you'll enjoy an updated interface designed to enhance your experience. Stay tuned for the unveiling, and get ready to explore the improved Fluid Attacks platform!
Due to the above, some of the content of this article may undergo modifications.
Navigating Fluid Attacks' platform offers straightforward access to multiple functionalities. Like identifying your user profile, registering your mobile number, getting the API token, managing your trusted devices, customizing email notifications, setting CVSS score thresholds, managing account deletion, and logging out, all accessible through a convenient drop-down menu.

Below, we will explain in detail the information inside this menu and how it can be helpful to you as a user. It is important to remember that this menu is accessible through the upper right corner, hovering over the username and the icon next to it.

User Drop Down Menu

See your name, email, phone number and role

When you open this menu, the first information you will find will be your username on the platform, the e-mail address you use to log in, and your role within the organization.

Name, email and role

It is important to note that your role within a specific group may change. If you would like more detailed information about roles, please click here for more details.

Generate or revoke the API Token

By clicking on this option, you can generate the token to access and use the API of our platform.

Api option

You will be able to set an expiration date before generating the token. Please visit the following link for detailed information about the token generation process. Also, you can access this other link to learn how to integrate this tool into your scripts or use the API in GraphQL.

Manage notifications

Next, you will find the Notifications option, which lets you choose which notifications you want to activate and receive at your email address.

Notification option

If you want to obtain detailed information about each type of notification, we invite you to follow this link.

Notification Matrix

In this section, you can also find the Minimum Severity control, which helps you to configure the CVSS (Common Vulnerability Scoring System) severity range that you want to receive in the Vulnerability Alert notification. According to the number you leave in this section, vulnerabilities with a severity higher than the limit you set will be reported.

Minimum Severity

Manage your trusted devices

Trusted devices are added during the platform login process. You can access the list by clicking on the option Trusted devices in the user menu.

Trusted devices

Please be aware that if you tick the checkbox "I trust this device. Don't ask code for 180 days" during login, your device will retain the following information:

  • The "jti", which is an ID of a JSON Web Token (JWT), stored in browser cookies

  • Your web browser details

  • Your operating system details

However, if you do not select this option, the platform will require a one-time password (OTP) each time you log in.

The trusted devices table provides you with the following information:

  • Device: Name of the operating system.
  • Location: Country and city where the login occurred.
  • Browser: Name of the browser.
  • First sign-in: The date of the initial login.
  • Recent activity: Date of last login from the trusted device.

To delete the device, simply click on the trash can icon.

Delete device

Register or change your phone number

Next is Mobile, which allows you to register your mobile phone number. This registration is required to access Fluid Attacks' platform reports.

Mobile Option

When you click on the Mobile option, a pop-up window will appear. If you have yet to register your mobile phone, you will be asked to add your number and then enter the verification code sent via SMS to complete the registration. If your number is registered and successfully confirmed, you will have the option to change it. To do this, click the Edit button and follow the verification procedure.Enter Mobile

Delete account

Next on the menu is the Delete account option. This will allow you to delete your account if you are no longer using the platform. Your access privileges will be deleted along with the account. Before proceeding, a warning message will appear, reminding you that you will not be able to restore your account afterward.

Delete Account

Note on user removalNote: Regardless of their role, all members are automatically removed after 90 days of inactivity.

Log out

Lastly, the Log out option will allow you to end your session on Fluid Attacks' platform.