Skip to content
Mindful Auth Docs (BETA)

Edit Hostname

This guide walks you through editing an existing hostname/portal in Mindful Auth. Here are the configurable options:

Basic Configuration

Section titled “Basic Configuration”
  • Login Success Redirect URL: Enter the url path where users should be redirected after a successful login. The url will always have {memberid} at the beggining, for example, /{memberid}/dashboard.

Security Settings

Section titled “Security Settings”
  • Turnstile Site Key: Enter the site key obtained from Cloudflare Turnstile.
  • Turnstile Secret Key: Enter the secret key obtained from Cloudflare Turnstile.
  • Session Duration: Select the desired session duration tier based on your requirements. The available options are:
    • 15 minutes
    • 1 hour
    • 8 hours
    • 12 hours
    • 1 day
    • 2 days
    • 3 days
    • 4 days
    • 5 days
    • 7 days
    • 14 days
    • 21 days
    • 30 days
  • Number of Active Sessions: Select the desired active sessions based on your expected user load.
    • one
    • three
    • five
    • ten
  • Audit Logs Status: Toggle to enable or disable audit logging for the hostname. Audit logs capture important security events and user activities. Available on Business Plan.

Email Webhook

Section titled “Email Webhook”
  • Email Webhook URL: Enter the URL of your email webhook. This single webhook handles all email events (verification, password reset, and magic login) using the event_type field to differentiate between them.

Internal API Key

Section titled “Internal API Key”

Here you can see the internal API key for this hostname. This key is used to authenticate requests from your frontend to Mindful Auth APIs. Keep it secure and do not expose it publicly.

Hostname Status

Section titled “Hostname Status”

Connected/Disconnected Toggle: Use this toggle to connect or disconnect the hostname. When disconnected, users will not be able to log in or register using this hostname and all sessions will be purged.

Backend Credentials

Section titled “Backend Credentials”

Security incident response: Rotate compromised backend API credentials. New credentials will be validated before being saved to prevent lockout.

Important: Rotating credentials does not affect end user sessions or data. Only use this if your backend API key has been compromised or for scheduled credential rotation policies.

  • New [Backend] API Key: Enter the new backend API key to replace the compromised credential