---
title: meta.sr.ht docs
---

[meta.sr.ht](https://meta.sr.ht) is a service on sr.ht that manages your user
account.

**See also**:

- [API reference](api.md)
- [Installation guide](installation.md)

# Profile

On your [user profile](https://meta.sr.ht/profile), you can set some
aesthetic information, which will be shown publicly. The bio supports
[Markdown](/markdown).

# Security

On your [security page](https://meta.sr.ht/security) you can manage two-factor
authentication and view the audit log.

## Two-factor authentication

Presently, only
[TOTP](https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm) is
supported for two-factor authentication. Our recommended token software is
[andOTP](https://f-droid.org/packages/org.shadowice.flocke.andotp/), but others
like Google Authenticator will also work.

To enable TOTP, click "Enable TOTP" and scan the QR code with your TOTP app.
Enter a valid code to enable TOTP. Note that once enabled, you will not be able
to [reset your account password](#password-reset) without contacting support.

## Audit Log

The audit log shows a log of activity on your account and the IP address
associated with it. These logs are purged after 14 days.

# Keys

On your [keys page](https://meta.sr.ht/keys), you can manage public keys
associated with your account, which may be utilized by various services
throughout the site (such as your SSH keys being used to authorize pushes to
git.sr.ht).

# Privacy

On the [privacy page](https://meta.sr.ht/privacy), you may choose to have emails
from the sr.ht network encrypted with your PGP public key. Add your key on the
[keys page](https://meta.sr.ht/keys), then on the privacy page you can select
the key you wish to have emails encrypted with. You may also send a test email
to confirm that it worked correctly.

All emails from sr.ht will include a PGP signature using the key provided on the
security page, regardless of your encryption preferences. You may use this key
to verify the authenticity of our emails if you wish.

# OAuth

On the [OAuth page](https://meta.sr.ht/oauth), you can manage the access to
your account that you have granted to third parties.

## Authorized Clients

This is a list of OAuth keys issued to third parties and the resources they are
permitted to access on your account. You may revoke the third party's access to
your account with the "Revoke" button.

## Registered Clients

Registering an OAuth client allows you to build applications that can
authenticate sr.ht users and access resources on their account. On this page you
may register new clients and manage existing ones. For details on the API side
of OAuth, visit the [API reference](api.md).

On the "manage" pages, you will find:

### Settings

Here you may edit your public client name, as well as the URI that sr.ht will
redirect to upon successful authorization by a user.

### Security

Should security issues come up with your OAuth application, you will find some
mitigations here. "Reset client secret" will issue you a new client secret, and
"Revoke all tokens" will revoke all tokens previously issued to your OAuth
client, requiring you to re-authorize users.

### Scopes

If you wish to integrate more deeply with sr.ht, you can have meta.sr.ht
authorize access to *your* API. On the scopes page you may create new OAuth
scopes that third parties can request permission for use on your API. For
details, see [delegated OAuth](api.md#delegated-oauth).

### Delete

Here you may permanently delete your OAuth client.

## Personal Access Tokens

If you want to integrate with sr.ht APIs for your personal scripts or tools, you
can request a personal access token here. All personal access tokens expire in 1
year and have complete access to your sr.ht account across the sr.ht network and
any third parties that delegate to sr.ht for authentication to their APIs.

# Admin

**Note**: This tab is not visible to the general public, and this information is
only applicable to users running their own meta.sr.ht instances.

## Invite Links

If you run a closed instance (i.e. `[meta.sr.ht]registration=no` in your
config), this page can be used to generate one-time registration links to invite
users to create an account.

# Password Reset

You can reset your meta.sr.ht password on [this
page](https://meta.sr.ht/forgot).