Settings Faz E3
Configure your API endpoint and access key. The key is stored only in this browser's localStorage.
API Endpoint
Health Probe
—
Two-factor authentication (TOTP)
Optional but strongly recommended. Compatible with Google Authenticator, 1Password, Authy, Aegis, and any RFC 6238 client.
1. Scan this QR or paste the secret into your authenticator:
2. Type the 6-digit code your app shows:
Save these recovery codes. Each works once if you lose access to your authenticator. They are NOT shown again.
Type your current 6-digit code to confirm disabling 2FA:
Assets & DCV
Register a domain, place the verification record, then run the gate. Without DCV no scan can start.
Register a domain
Your assets
Rules of Engagement
Upload the signed PDF authorising AssurePort to test a target. Validation runs through Claude Haiku 4.5 — score ≥ 0.85 required.
Upload RoE PDF
Active RoE documents
Scans
Dispatch scans against assets that have a valid DCV + active RoE.
Dispatch a scan
Recent scans
Members & Invitations
Invite teammates, manage roles. Owners and admins can invite. Owner role is protected (last-owner cannot be demoted or removed).
Invite a teammate
Active members
Pending invitations
API Keys
D1 only stores SHA-256 hashes. New keys are shown ONCE — save them in your password manager.
Issue a new key
Active keys
Account
Token balance & top-up. 1 credit = $0.01 USD of Anthropic API spend.
Balance
Top up (dev)
Production top-ups will run via Gumroad webhook (Faz D2). This is a dev-only direct ledger insert.