Skip to main content

User Settings

Configure your personal QuivaWorks account settings, including profile information, security options, and preferences. These settings are specific to you and don’t affect other users.

Accessing Your Settings

Click your profile icon in the bottom left corner and select “Settings” to access your personal configuration.

Profile Information

Updating Your Name

Change your display name:
1

Navigate to Profile

Settings → Profile
2

Update Name

Edit your first and last name
3

Save

Click “Save Changes”
Your display name appears in:
  • User lists in account management
  • Activity logs and audit trails
  • Collaboration features
  • Email notifications

Password & Authentication

Changing Your Password

1

Navigate to Credentials

Settings → Credentials
2

Enter Current Password

Verify your identity
3

Enter New Password

Must meet requirements:
  • Minimum 8 characters (12+ recommended)
  • Uppercase and lowercase letters
  • At least one number
  • At least one special character
4

Confirm New Password

Re-enter to verify
5

Update

Click “Update Password”
After changing your password, all your other active sessions will be terminated. You’ll remain logged in on your current device.

Forgot Your Password?

If you can’t remember your current password:
  1. Log out of your account
  2. Click “Forgot password?” on the login page
  3. Enter your account name and email
  4. Check your email for reset instructions
  5. Create a new password
Password recovery guide →

Multi-Factor Authentication (MFA)

MFA is strongly recommended for all users and required for Admin and Root roles.

Setting Up MFA

Complete MFA guide →

Managing Recovery Codes

Recovery codes provide backup access if you lose your MFA device. To view your recovery codes:
  1. Settings → Password and Authentication
  2. Scroll to “Recovery Codes”
  3. Click “View”
To generate new codes:
  1. Settings → Password and Authentication
  2. Click “Generate New Recovery Codes”
  3. Download and store securely
Generating new codes invalidates all previous codes. Store them in a password manager or secure location immediately.

Session Management

Viewing Active Sessions

See all devices where you’re currently logged in:
  1. Settings → Sessions
  2. Review each session:
    • Device type (Macintosh, Windows, etc.)
    • Browser (Chrome, Firefox, Safari)
    • Location (when available)
    • IP address
    • Expiration time
Active Sessions

Terminating Sessions

To end a specific session:
  1. Find the session in your list
  2. Click “Terminate session”
To end all other sessions:
  1. Click “Terminate sessions” at the top
  2. Confirm the action
Use this if you forgot to log out on a shared computer or suspect unauthorized access.

Session Lifetimes

  • Access Token: 1 hour
  • Refresh Token: 24 hours
After 24 hours of inactivity, you’ll need to log in again. Complete session guide →

API Keys

Manage API keys for programmatic access to QuivaWorks.

Creating an API Key

1

Navigate to API Keys

Settings → API Keys
2

Click Add

Click the “Add” button
3

Name Your Key

Enter a descriptive name (e.g., “Production App”, “CI/CD Pipeline”)
4

Copy Key

Copy immediately - it won’t be shown again
5

Store Securely

Save in password manager or secret management system
API keys inherit your user permissions and expire after 3 months. Never commit keys to version control.

Managing Your Keys

To view your keys:
  • Settings → API Keys
  • See all active keys with creation and expiration dates
To delete a key:
  1. Click on the key name
  2. Click “Delete”
  3. Confirm deletion
Deleting a key immediately revokes access. Any applications using it will stop working.
API key best practices →

Notifications

Email Notifications

You’ll receive automatic email notifications for:

Security Events

  • Password changed
  • Email change requested
  • Passkey added
  • Recovery codes viewed
  • New device login

Account Changes

  • Added to new account
  • Role changed
  • Account renamed
  • Suspended/reactivated

Billing

  • Payment failed
  • Subscription changed
  • Plan upgraded/downgraded
  • Invoice available

System

  • Scheduled maintenance
  • Service updates
  • Important announcements
Email notification preferences are not yet customizable. All security and account-related emails are sent automatically.

Personal Preferences

Language & Region

Currently not customizable. The interface language is determined by:
  • Your browser settings
  • Available translations

Time Zone

Currently not customizable. Times are displayed:
  • In your browser’s local time zone
  • With clear timezone indicators

Theme

Currently not customizable. The interface uses:
  • System-level dark/light mode preferences
  • Responsive design for all screen sizes
Additional personalization options are planned for future releases.

Privacy & Data

Your Data Rights

Under GDPR, you have the right to:
Request a copy of your personal data at any time.To export your data:
  • Use buckets to download stored information
  • Contact [email protected] for complete data export
Update your personal information:
  • Name and email in your profile settings
  • Company details (if Root/Admin)
  • Billing information (if appropriate role)
Request account deletion:
  • Only Root users can close accounts
  • All data permanently deleted within 30 days
  • Cannot be undone
Account closure guide →
Export your data in usable formats:
  • Download from buckets
  • Request complete export from support
To exercise your rights, contact [email protected]

What Data We Store

Your Personal Information:
  • Name and email address
  • Password (encrypted hash only)
  • MFA settings and recovery codes
  • Login activity and sessions
  • API keys you’ve created
  • Your activity within the platform
We Never:
  • Sell your data to third parties
  • Use your data to train AI models
  • Share your data between accounts
  • Access your data without permission
Privacy policy →

Account Information

Your Current Account

View your account details: Account Information:
  • Account name you’re logged into
  • Your email address
  • Your current role and permissions
  • Account owner and admins
Plan Information:
  • Current plan tier
  • Usage statistics
  • Billing cycle
  • Next renewal date
To view billing details, you need Root, Admin, or Billing role. Learn about roles →

Switching Between Accounts

If you have access to multiple QuivaWorks accounts:
  1. Log out of your current account
  2. On the login page, enter the account name for the account you want
  3. Enter your email and password
  4. Complete MFA verification
Each account is independent with its own resources and billing.

Troubleshooting

Common causes:
  • Entered wrong current password
  • New password doesn’t meet requirements
  • Browser autocomplete interfering
Solutions:
  • Verify current password is correct
  • Ensure new password has 8+ chars, uppercase, lowercase, number, special char
  • Try disabling autocomplete
  • Use “Forgot password?” if you can’t remember current password
If you have recovery codes:
  1. Use a recovery code to log in
  2. Go to Settings → Password and Authentication
  3. Remove compromised MFA device
  4. Add new MFA method
  5. Generate new recovery codes
If you lost recovery codes too:
  • Contact an Admin to issue new recovery codes
  • They can reset your MFA from user management
  • Set up MFA again immediately after logging in
Check these items:
  • Key hasn’t expired (3-month limit)
  • Key wasn’t deleted
  • Using correct Authorization header format
  • Your role has necessary permissions
Solution:
  • Generate a new key if expired or deleted
  • Verify format: Authorization: Bearer YOUR_KEY
  • Check with Admin if permissions issue
Check:
  • Spam/junk folder
  • Email filters or rules
  • Correct email address in your profile
If still not receiving:
  • Verify your email address is correct
  • Add [email protected] to contacts
  • Contact support if emails are being blocked
Some settings require specific roles:
  • Billing information: Root, Admin, or Billing role only
  • User management: Root or Admin only
  • Account closure: Root only
Solution: Ask an Admin to grant appropriate permissions or make changes for you.Learn about role permissions →

Security Best Practices

Enable MFA Immediately

Set up MFA as soon as you create your account. Use passkeys for strongest security.

Use Strong Passwords

12+ characters with mixed case, numbers, and symbols. Use a password manager.

Review Sessions Monthly

Check active sessions regularly and terminate any you don’t recognize.

Secure Recovery Codes

Store recovery codes in a password manager, not in email or unencrypted notes.

Rotate API Keys

Generate new keys before the 3-month expiration. Delete unused keys immediately.

Act on Security Emails

If you receive a security notification for an action you didn’t perform, investigate immediately.
Complete security guide →

Getting Help

Security Issues

Suspect unauthorized access or compromise

Account Support

General account and technical questions

Privacy Questions

Data privacy and GDPR requests

Authentication

Complete MFA and password guide

API Keys

Detailed API key management

Sessions

Advanced session management

Roles & Permissions

What your role can access