Appearance
Account & billing
This page walks through the full account lifecycle: register, sign in, pick a plan, enable 2FA, manage billing. Most of what you need is in the user menu in the top-right of the workspace; everything billing-related is brokered to the Stripe customer portal so you don't enter card details into Atlas itself.
Register
The signup flow is at /register. Required: username (operator ID) and password (twice). Email is optional but recommended — without it you cannot receive alerts, password resets, or 2FA recovery mails. The "operator" terminology is OSINT-flavored, not a separate user class — every Atlas user is an operator.
Backend route: backend/routes/auth.py. After submitting, you land on the dashboard immediately if no email confirmation is required by your deployment, or on a confirmation-pending screen otherwise.
Sign in
/login accepts the username (operator ID) and password you set during registration. If 2FA is enabled (see below), a second screen prompts for a 6-digit TOTP code. Sessions are JWT-based with a refresh-token cookie; the access token rotates automatically while the tab is open.
The "Access Terminal" button is the submit. The "Register operator" link below the form is the path to /register for new accounts.
Plan selection
The public pricing page at /pricing lists tiers and features. Plans differ on:
- Realtime vs. delayed quotes
- OSINT layer access (AIS, ADS-B, geolocated news)
- Alert volume
- PDF export of model portfolios and Security dashboard
- Number of saved screens, graphs, dashboards
- Client portfolios (advisory plans only)
The actual feature gating lives in the FeatureGate.jsx component — panels surface a graceful upgrade prompt if your plan doesn't cover a feature.
Billing flow
Atlas does not store your payment method. Instead:
- From Settings → Subscription, click Manage to open the Stripe customer portal.
- The portal is hosted by Stripe under your account and supports: viewing invoices, swapping payment methods, changing plans, applying discount codes, and cancellation.
- Cancellation is end-of-period — you keep access until the next renewal date, then drop to free tier.
The webhook flow that keeps Atlas's local plan state in sync with Stripe events lives at backend/routes/stripe_webhook.py. For a deeper integration view, see Stripe billing.
Two-factor authentication
Strongly recommended for any OSINT-leaning workflow. Setup is in Settings → Security. The flow:
- Click Enable 2FA.
- Scan the QR code with an authenticator app (Google Authenticator, Authy, 1Password).
- Confirm with a 6-digit code.
- Save the recovery codes — they appear once and are the only way to recover if you lose your authenticator device.
For OSINT-specific account hygiene (separate identities, session isolation, IP exposure), see the OSINT operational security guide.
Account deletion
From the user menu, Delete account triggers a two-step confirmation (common.confirmDeletion). Deletion is hard — portfolios, watchlists, alerts, and saved screens are removed. There's no soft-delete grace period; ensure you've exported anything you want to keep.
Tips
- Atlas separates the login email from the contact email used for alert delivery. Both default to the same address, but you can split them in Settings → Profile.
- Plan changes take effect at the next renewal cycle — upgrades are immediate, downgrades happen at period end.
- Don't share recovery codes — anyone with one can reset 2FA on your account.