User settings

You can access your Netlify user settings by selecting your avatar (labeled “User” for screen readers) at the top of the screen, then selecting User settings.

# Personal profile

Your profile includes your name, email, password, default team, and connected Git providers.

# Connect your Git provider accounts

You can connect your Netlify user to one or more Git providers to make logging in and collaborating with your team easier. You can add, edit, and disconnect your Git provider accounts from User settings > General > Profile > Connected accounts.

If you signed up for Netlify using GitHub, GitLab, or Bitbucket, then your Netlify user will already be linked to that Git provider.

You can connect your Netlify user to multiple Git providers, but you cannot:

  • connect one Netlify user to two accounts from the same Git provider
  • connect two different Netlify users to the same Git provider account

Member lists at the site and team level include connected accounts for each member.

# Two-factor authentication (2FA)

With two-factor authentication, you can enhance the security of your Netlify user account by requiring a second form of authentication on login. This is achieved using an authentication app such as Authy, 1Password, LastPass, or Google Authenticator.

To enable two-factor authentication, go to your user settings, then to Security > Two-factor authentication.

Select Enable two-factor authentication, and you’ll be presented with a QR code to scan into your chosen authentication app. Alternatively, you can enter the alphanumeric code listed under Manual entry directly into your authentication app. In both cases, the app will then present a 6-digit authentication code to enter into the Netlify UI.

Enter the code and select Next: Recovery codes. The next step presents ten recovery codes you can use to access your account when you don’t have your authentication app available. These will only be presented once, so be sure to copy or print them before completing your setup.

Keep them secret! Keep them safe!

Recovery codes help prevent you from being locked out of your account if you lose your phone or otherwise can’t access your authentication app. Store them somewhere secure where you know you can find them again.

Once you have enabled two-factor authentication, every time you log in to Netlify, you will be required to enter a temporary authentication code from your authentication app. Alternatively, you can enter one of your recovery codes. Each code can be used only once.

If you need to disable two-factor authentication, go to your user settings, then to Security > Two-factor authentication. Select Disable two-factor authentication. You will need to enter a valid authentication or recovery code to complete the task.

# Connect with other applications

Under the Applications section of your user settings are controls for three methods of connecting your Netlify user with other applications and services:

  • OAuth applications – If you build or use an application that accesses the Netlify API as an OAuth app, you can add it here. When you register an application, Netlify will provide a client ID and secret you can use in your application settings.
  • Personal access tokens – You can generate these for manual authentication in shell scripts or commands that use the Netlify CLI or API.
  • Authorized applications – When you use your Netlify login to sign in with another application, such as Netlify CLI, Netlify Support Forums, or Zapier, the application is added to this list. You can revoke authorization by selecting Options > Revoke access for the application.

Grant access to a team where only SSO is allowed

If your team requires you to log in with single sign-on (SSO), API calls to your team using your access tokens will be denied access by default. This applies to both personal access tokens and tokens from authorized applications. You can choose to grant access to the team when generating a new personal access token or authorizing an application. You must be logged in to the team with SSO to grant access to it. Each token can be granted access to only one SSO team. To grant access to multiple teams, use multiple tokens.