Explore the user menu
Last updated: Mar 16, 2026
Fluid Attacks’ platform allows you to manage most of your personal settings through options accessible through the user menu. To open this menu, click on your username at the top-right corner of your screen. This page guides you through each of the available features.
See your name, email, phone number and role
The top of the user menu displays your username, email address, mobile phone number and role within the organization. Bear in mind that your role at the group level is not necessarily the one you have at the organization level.
To learn about the available roles and their permissions, read “Understand roles ”.
Generate or revoke the API token
The API token option lets you generate or revoke a token for accessing and utilizing the platform’s API as well as Fluid Attacks’ integrations . To generate the token, go to API token > Add token, enter a name and expiration date up to six months from the current date, and click Confirm. To revoke the token, go to API token > Revoke.
For more information about API token management, read “Learn the basics of the Fluid Attacks API ”.
Manage notifications
The Notifications option directs you to a platform section that allows you to customize the alerts you want to receive at your email address.
In this section, you can indicate the CVSS severity score lower threshold to get Vulnerability alert notifications. Just specify the value in the Minimum severity field.
For a comprehensive understanding of each alert, read “Enable and disable notifications ”.
Manage your trusted devices
Trusted devices are registered during the platform login process . This feature temporarily eliminates the need to provide a verification code when you access the platform with those devices. You can see a list of the latter in the section accessible by clicking the Trusted devices option.
The trusted devices table provides you with the following information:
- Device: operating system
- Location: country of login
- Browser: browser name
- First sign-in: initial login date
- Recent activity: last login date from the trusted device
To delete the device, simply click on the trash can icon.
Please be aware that if you tick the checkbox “I trust this device. Don’t ask code for 180 days” during login , your device will retain the following information:
- The “jti”, which is an ID of a JSON Web Token (JWT) and is stored in browser cookies
- Your web browser details
- Your operating system details
However, if you do not select this option, the platform then requires a one-time password (OTP) each time you log in.
Register or change your phone number
The Mobile option enables you to register or update your mobile phone number, a requirement for downloading reports from Fluid Attacks’ platform.
Clicking Mobile opens a pop-up window. If you have not registered your number yet, add it and enter the verification code sent via SMS or WhatsApp message.
If your number is already registered, you can change it by clicking Edit, providing the new number and following the verification steps.
Ethics Hotline
The Ethics Hotline option takes you to a third-party platform where you can submit anonymous feedback. You can report cases such as complaints on your behalf or others’. However, cases regarding positive experiences are also allowed for submission.
Delete account
Choose Delete account to trigger the steps to permanently remove your account and access privileges if you no longer need the platform.
A warning message appears before deletion, emphasizing that account restoration is impossible.
Regardless of their role, all members are automatically removed after 90 days of inactivity.
Log out
Use Log out to end your current session on Fluid Attacks’ platform.
Platform version
The user menu displays the commit hash ID and deployment date and time of the latest Fluid Attacks platform update. Clicking the commit hash takes you to GitLab, where you can view detailed change information like the specific file changed, modified code lines, and the developer responsible for the commit.
View as client
A Fluid Attacks staff role is required
When enabled, the View as client feature allows you to use the platform sections and functions currently available to Fluid Attacks clients. While disabled, you can use features only available to Fluid Attacks staff.
Feature preview
A Fluid Attacks staff role is required
When enabled, Feature preview allows you to use platform sections or functions before Fluid Attacks releases them to the clients.
Search for vulnerabilities in your apps for free with Fluid Attacks’ automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan . If you prefer the Advanced plan, which includes the expertise of Fluid Attacks’ hacking team, fill out this contact form .