Sign-up and login
Last updated: Apr 14, 2026
First-time sign-up
To sign up for the platform, go to app.fluidattacks.com/SignUp and follow the instructions (see "Sign up to Fluid Attacks" for a description).
You can sign up only with a valid Google, Azure or Bitbucket corporate account and must provide a Git repository to test (if you choose to import repositories using Open Authorization, make sure you have enabled third-party application access, e.g., in Azure DevOps).
All Essential plan features are free for 21 days. During the free trial or after it ends, you can subscribe to a paid plan.
User authentication
Fluid Attacks' platform does not support the creation of users and credentials. Instead, for stronger security, it delegates authentication to your trusted providers: Microsoft, Google, and Atlassian. Any necessary permissions for authentication are therefore managed within your configuration settings with those providers.
To log in to Fluid Attacks' platform, go to app.fluidattacks.com. There, you will be prompted to continue with your corporate account through one of the supported identity providers: Google, Microsoft Azure or Bitbucket. Authentication is handled by Auth0, which strengthens the security of the process by delegating it to your trusted provider.
Grant permission to Fluid Attacks for authentication
As mentioned above, authentication to the Fluid Attacks platform is made possible by your corporate account provider. In some cases, the domain administrator must consent to it. Microsoft users may specially face this extra step. To learn how to grant this permission, read the official Microsoft page "Grant tenant-wide admin consent to an application".
Permissions
Microsoft users grant Fluid Attacks the User.Read permission. This permission
- allows users to sign in to the platform;
- allows the platform to read the profile of signed-in users, and
- allows the platform to read basic company information of signed-in users.