Skip to main content

Settings and security

Tiden separates personal security, organization security, workspace secrets, and product settings.

Profile

Profile settings include:

  • Name and avatar.
  • Password changes.
  • API tokens.
  • Two-factor authentication.
  • Passkeys.
  • Recovery codes.

API tokens

API tokens are shown once, start with tfy_, and are intended for CLI, CI, MCP, and public REST API use.

Store tokens in a secret manager. Revoke unused tokens from profile settings.

Two-factor authentication

Users can enroll TOTP, register passkeys, and regenerate recovery codes. Organizations can require two-factor authentication for members.

If a member loses access, an organization admin can reset that member's two-factor setup.

Workspace credentials

Workspace credentials store external secrets for automation, especially LLM providers. Credentials are write-only after creation. Use the test action to verify that a credential is usable.

Product settings

Product settings manage product metadata. Product deletion should be treated as destructive and reserved for retired or test products.