Devpilot
Getting Started

Account Setup

Create your Devpilot account, complete mandatory two-factor authentication, recover your password, and configure your profile.

Account Setup

Before you can use Devpilot, you need an account. This page walks you through the registration options, the mandatory two-factor authentication setup, password recovery, and profile configuration.

Registration

Devpilot offers three ways to create an account: email and password, Google sign-in, and GitHub sign-in.

Open the registration page

Go to the Devpilot registration page. The form asks for your first name, last name, email address, and a password, plus an agreement to the Terms of Service and Privacy Policy.

Enter your details

Fill in the following fields:

  • First name — Used as part of your display name in shared workspaces.
  • Last name — Used alongside your first name for display.
  • Email address — Your sign-in email and where account notifications are sent. It must be unique.
  • Password — A strong password that meets the requirements below.

Your password must meet all of the following requirements:

  • At least 8 characters long
  • At least one uppercase letter (A-Z)
  • At least one lowercase letter (a-z)
  • At least one number (0-9)
  • At least one special character (for example !@#$%^&*)

Tick the checkbox to agree to the Terms of Service and Privacy Policy. Both are required.

Submit the registration form

Click Create account. If everything validates, Devpilot creates your account and immediately sends you to the two-factor authentication setup flow described below.

A username is generated automatically from the local part of your email and a random suffix. You do not need to pick one during signup.

Click Continue with Google

On the registration or sign-in page, click Google in the social sign-in section. You are redirected to Google.

Authorize Devpilot

Sign in with your Google account (or pick one if you are already signed in) and approve the requested permissions. Devpilot reads your basic profile and email.

Finish signing in

Google sends you back to Devpilot. If this is your first time using Google sign-in with Devpilot, an account is created using your Google profile. You are then taken to the two-factor authentication setup flow.

Click Continue with GitHub

On the registration or sign-in page, click GitHub in the social sign-in section. You are redirected to GitHub.

Authorize the Devpilot application

Sign in to GitHub if prompted and authorize the Devpilot OAuth application. Devpilot reads your basic profile.

Finish signing in

GitHub sends you back to Devpilot. A new account is created on first use. You are then taken to the two-factor authentication setup flow.

Signing up with GitHub creates your Devpilot account. It does not automatically add GitHub as a source control integration for deployments — that is configured separately at the workspace level. See Quick Start Guide.

Sign in with GitHub or Google

Devpilot supports two social providers for registration and sign-in: GitHub and Google. Both flows are interchangeable with email/password — you can create your account one way and later use the other as long as the email address matches.

Supported providers

Only GitHub and Google are supported today. Other providers (for example Microsoft, GitLab, or Bitbucket) are not available for sign-in even if you have seen references to them elsewhere.

How social login works

You click a provider button

From the Devpilot sign-in or registration page, click Continue with GitHub or Continue with Google. Devpilot asks the provider for an authorisation URL and redirects your browser there.

You approve the connection at the provider

The provider shows its standard consent screen. Devpilot requests only the basic scopes it needs:

  • GitHub — your profile and verified email addresses.
  • Google — your profile and email.

Approve the request to continue. If you are already signed in to the provider, this step may be instantaneous.

The provider sends you back to Devpilot

Devpilot receives an authorisation code, exchanges it for an access token, and reads your profile and primary email.

Devpilot finds or creates your account

Devpilot looks for an existing user that matches the social identity, then falls back to matching on email. See Email matching below for the full details.

You complete two-factor authentication

Social login does not skip 2FA. After the provider hands you back to Devpilot you are routed through the same 2FA flow described in the next section — either setting up an authenticator on first sign-in, or entering a six-digit code on every subsequent sign-in.

Email verification is inherited

When Devpilot creates a brand-new account from a social sign-in, the user's email address is marked as verified immediately. There is no separate "confirm your email" step because the provider has already confirmed it for you.

This only applies to accounts created through social sign-in. Accounts created with the email and password form still complete the standard Devpilot email verification flow.

Email matching

Devpilot uses a two-step lookup to decide whether to create a new account or connect the social identity to an existing one:

  1. Match on the social identity — if you have signed in with this provider before, Devpilot finds the stored record by its provider + provider-user-id pair and signs you straight in.
  2. Match on email — if this is the first time you are using the provider with Devpilot, the email returned by the provider is compared to existing Devpilot accounts.

The outcome depends on what Devpilot finds:

Outcome: a fresh Devpilot account is created. Your first and last name are taken from the provider profile, a username is auto-generated from your handle or display name, a strong random password is set on the account (you can reset it later to use email/password sign-in), your email is marked verified, and — if the provider offers an avatar — it is downloaded and saved to your profile.

Outcome: the social identity is linked to your existing Devpilot account. You keep the same account, workspaces, deployments, and settings — you simply gain a new way to sign in. From this point on, using either email/password or the social provider lands you in the same account.

If the existing account was created with email and password, linking a social provider does not change your password. You can continue to sign in either way.

Outcome: you are signed straight into the account that the provider identity is attached to. Your avatar is refreshed from the provider profile in case it has changed, and then you proceed to the 2FA step.

Because matching falls back to email, make sure the email on your GitHub or Google account is the one you want associated with Devpilot. If your company uses a different email domain for Devpilot than for your Google or GitHub account, email/password may be a better fit — or configure your provider account to expose the correct primary email before signing in.

Managing connected social accounts

Once you are signed in you can review and remove connected providers at any time from Account Settings > Password and Security:

  • See which providers are currently connected to your account and when they were linked.
  • Disconnect a provider you no longer use (for example, a personal GitHub account you are replacing with a work one).

See Password and Security for step-by-step instructions.

Two-factor authentication (required)

Devpilot requires two-factor authentication (2FA) before you can reach the dashboard. After you register or sign in with a password, you are redirected to a setup screen that guides you through enabling an authenticator.

Supported authenticator apps

Devpilot uses time-based one-time passwords (TOTP), which are compatible with any standard authenticator app, including:

  • Google Authenticator (iOS, Android)
  • Authy (iOS, Android, Desktop)
  • Microsoft Authenticator (iOS, Android)
  • 1Password (iOS, Android, Desktop, Browser)
  • Bitwarden (iOS, Android, Desktop, Browser)

Setting up 2FA

Start the setup

From the 2FA setup screen, choose a provider (Google or Microsoft) and start setup. Devpilot returns a QR code and a manual entry key.

Add Devpilot to your authenticator

Open your authenticator app and scan the QR code, or type the manual entry key if scanning is not available. The app starts generating a new six-digit code every 30 seconds.

Enter the verification code

Type the current six-digit code into the field on the Devpilot setup page to confirm the authenticator is working.

Save your backup codes

When verification succeeds, Devpilot shows a set of backup codes. Each code can be used once if you lose access to your authenticator.

Store your backup codes somewhere safe, such as a password manager. If you lose both your authenticator device and your backup codes, you may be locked out of the account.

Continue to the dashboard

Devpilot finishes sign-in and redirects you to the dashboard. From this point on, signing in requires your password followed by a six-digit code.

Signing in with 2FA enabled

When 2FA is active, the sign-in flow has two steps:

  1. Enter your email and password as usual.
  2. Enter the current six-digit code from your authenticator app on the verification page.

Password recovery

If you forget your password, use the recovery flow on the sign-in page:

Request a reset

Click Forgot password? on the sign-in page. Enter the email associated with your account and submit.

Check your email

Devpilot sends a reset code or link to the email you entered. Follow the instructions in the message.

Set a new password

Enter a new password that meets the same requirements as registration (at least 8 characters with uppercase, lowercase, number, and special character) and confirm it.

Sign in

Sign in with your new password. You still need to complete 2FA verification to finish signing in.

Profile configuration

After signing in, you can update your profile from the dashboard. Open the Profile or Settings area from your avatar menu.

What you can configure

AreaDescription
Profile informationFirst name, last name, avatar, and basic details used across workspaces.
Email & communicationEmail preferences and notifications.
Password & securityChange your password and manage two-factor authentication.
VisibilityControl what other workspace members can see about your profile.
Activity logReview recent activity on your account.

Settings

From the Settings area you can also manage:

  • General account settings
  • Notifications
  • Preferences (including timezone)
  • Privacy
  • Security (sessions, 2FA, and more)

Your profile is shared across every workspace you belong to. Updating your name or avatar is reflected everywhere you appear as a member.

Next steps

With your account created, secured with 2FA, and your profile configured, you are ready to start using Devpilot:

  • Follow the Quick Start Guide to deploy your first application.
  • Read Key Concepts to understand how workspaces, projects, apps, servers, and deployments fit together.

Key Concepts

Understand the core building blocks of Devpilot — workspaces, projects, apps, servers, deployments, pipelines, hooks, integrations, and roles — and how they relate to each other.

Understanding Workspaces

Learn how workspaces organize your infrastructure, teams, and resources in Devpilot.

On this page

Account SetupRegistrationOpen the registration pageEnter your detailsSubmit the registration formClick Continue with GoogleAuthorize DevpilotFinish signing inClick Continue with GitHubAuthorize the Devpilot applicationFinish signing inSign in with GitHub or GoogleSupported providersHow social login worksYou click a provider buttonYou approve the connection at the providerThe provider sends you back to DevpilotDevpilot finds or creates your accountYou complete two-factor authenticationEmail verification is inheritedEmail matchingManaging connected social accountsTwo-factor authentication (required)Supported authenticator appsSetting up 2FAStart the setupAdd Devpilot to your authenticatorEnter the verification codeSave your backup codesContinue to the dashboardSigning in with 2FA enabledPassword recoveryRequest a resetCheck your emailSet a new passwordSign inProfile configurationWhat you can configureSettingsNext steps