Explore the user menu | Fluid Attacks Help

Explore the user menu

Fluid Attacks' platform allows you to manage your personal settings through options accessible through the user menu. To open this menu, click on your username at the top-right corner of your screen. This page guides you through each of the available features.

Access user menu on the Fluid Attacks platform

See your name, email, phone number and role

The top of the user menu displays your username, email address, mobile phone number and role within the organization. Bear in mind that your role at the group level is not necessarily the one you have at the organization level. To learn about the available roles and their permissions, read Understand roles.

See user info and details on the Fluid Attacks platform

Generate or revoke the API Token

The API token option lets you generate or revoke a token for accessing and utilizing the platform's API as well as Fluid Attacks' integrations. For more information about API token management, read Learn the basics of the Fluid Attacks API.

Find API token option on the Fluid Attacks platformAPI token option in the user menu
Manage API token on the Fluid Attacks platformAPI token management pop-up window

Manage notifications

The Notifications option directs you to a platform section that allows you to customize the alerts you want to receive at your email address. For a comprehensive understanding of each alert, read Enable and disable notifications.

Find Notifications option on the Fluid Attacks platformNotifications option in the user menu
Access the Notifications section on the Fluid Attacks platformNotifications section
In this section, you can indicate the CVSS severity score lower threshold to get Vulnerability alert notifications. Just specify the value in the Minimum severity field.

Set minimum severity for notifications on the Fluid Attacks platform

Manage your trusted devices

Trusted devices are registered during the platform login process. This feature temporarily eliminates the need to provide a verification code when you access the platform with those devices. You can see a list of the latter in the section accessible by clicking the Trusted devices option.

Find Trusted devices option on the Fluid Attacks platformTrusted devices option in the user menu
Manage trusted devices on the Fluid Attacks platformTrusted Devices section
The trusted devices table provides you with the following information:
  • Device: Operating system
  • Location: Country of login
  • Browser: Browser name
  • First sign-in: Initial login date
  • Recent activity: Last login date from the trusted device.

To delete the device, simply click on the trash can icon (Remove trusted device on the Fluid Attacks platform).

Note on trusted devices
Note: Please be aware that if you tick the checkbox "I trust this device. Don't ask code for 180 days" during login, your device then retains the following information:
  • The "jti", which is an ID of a JSON Web Token (JWT), stored in browser cookies
  • Your web browser details
  • Your operating system details

However, if you do not select this option, the platform then requires a one-time password (OTP) each time you log in.

Register or change your phone number

The Mobile option enables you to register or update your mobile phone number, a requirement for downloading reports from Fluid Attacks' platform reports.

Find Mobile option on the Fluid Attacks platform

Clicking Mobile opens a pop-up window. If you have not registered your number yet, add it and enter the verification code sent via SMS or WhatsApp message.

If your number is already registered, you can change it by clicking Edit, providing the new number and following the verification steps.
Edit phone number on the Fluid Attacks platformMobile pop-up window
Manage your phone number on the Fluid Attacks platformOption to edit phone number

Ethics Hotline

The Ethics Hotline option takes you to a third-party platform where you can submit anonymous feedback. You can report cases such as complaints on your behalf or other's. However, cases regarding positive experiences are also allowed for submission.

Find anonymous reporting option on Fluid Attacks platform

Delete account

Choose Delete account to trigger the steps to permanently remove your account and access privileges if you no longer need the platform.

Find account deletion option on the Fluid Attacks platform

A warning message appears before deletion, emphasizing that account restoration is impossible.

Confirm delivery of account deletion email on the Fluid Attacks platform

Note on user removalNote: Regardless of their role, all members are automatically removed after 90 days of inactivity.

Log out

Use Log out to end your current session on Fluid Attacks' platform.

Log out from the Fluid Attacks platform

Platform version

The user menu displays the commit hash ID and deployment date and time of the latest Fluid Attacks platform update. Clicking the commit hash takes you to GitLab, where you can view detailed change information like the specific file changed, modified code lines, and the developer responsible for the commit.

See platform version on the Fluid Attacks platform

View as client

Info on required role
When enabled, the View as client feature allows you to use the platform sections and functions currently available to Fluid Attacks clients. While disabled, you can enjoy features unavailable or not yet available to clients.

View the Fluid Attacks platform as client

Free trial message
Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.