On your security page you can manage two factor authentication and view the audit log.
To enable TOTP, click "Enable TOTP" and scan the QR code with your TOTP app. Enter a valid code to enable TOTP. Note that once enabled, you will not be able to reset your account password without contacting support.
The audit log shows a log of activity on your account and the IP address associated with it. These logs are purged after 14 days.
On your keys page, you can manage public keys associated with your account, which may be utilized by various services throughout the site (such as your SSH keys being used to authorize pushes to git.sr.ht).
On the privacy page, you may choose to have emails from the sr.ht network encrypted with your PGP public key. Add your key on the keys page, then on the privacy page you can select the key you wish to have emails encrypted with. You may also send a test email to confirm that it worked correctly.
All emails from sr.ht will include a PGP signature using the key provided on the security page, regardless of your encryption preferences. You may use this key to verify the authenticity of our emails if you wish.
On the OAuth page, you can manage access to your account that you have authorized to third parties.
This is a list of OAuth keys issued to third parties and the resources they are permitted to access on your account. You may revoke the third party's access to your account with the "Revoke" button.
Registering an OAuth client allows you to build applications that can authenticate sr.ht users and access resources on their account. On this page you may register new clients and manage existing ones. For details on the API side of OAuth, visit the API reference.
On the "manage" pages, you will find:
You may edit your public client name here, as well as editing the URI sr.ht will redirect to upon successful authorization by a user.
Should security issues come up with your OAuth application, you will find some mitigations here. "Reset client secret" will issue you a new client secret, and "Revoke all tokens" will revoke all tokens previously issued to your OAuth client, requiring you to re-authorize users.
If you wish to integrate more deeply with sr.ht, you can have meta.sr.ht authorize access to your API. On the scopes page you may create new OAuth scopes that third parties can request permission for use on your API. For details, see delegated OAuth.
Here you may permenantely delete your OAuth client.
If you want to integrate with sr.ht APIs for your personal scripts or tools, you can request a personal access token here. All personal access tokens expire in 1 year and have complete access to your sr.ht account across the sr.ht network and any third parties that delegate to sr.ht for authentication to their APIs.
Note: This tab is not visible to the general public, and this information is only applicable to users running their own meta.sr.ht instances.
If you run a closed instance (i.e.
[meta.sr.ht]registration=no in your
config), this page can be used to generate one-time registration links to invite
users to create an account.