Enable single sign-on and multi-factor authentication | Secure | Northflank Application docs

Secure /

Enable single sign-on and multi-factor authentication

You can log in to Northflank by either username and password, or by authenticating using Google, GitHub, GitLab, or Bitbucket OAuth.

You can also add multi-factor authentication to your account to provide another layer of security.

Single-sign on and multi-factor authentication configuration n the Northflank application

Single sign-on

Northflank currently supports single sign-on with Google, GitHub, GitLab, and Bitbucket accounts.

You can either create your account with single sign-on (OAuth), or enable single sign-on for an existing account.

To enable single sign-on from your account settings page, toggle the services you want to sign on with. Your Northflank email address must match the primary address of the OAuth service you want to use.

When creating an account with another service ensure you are logged in to the account you want to use. You will then be able to create a Northflank account.

You will be asked to log in, if you are not already signed in to an account on the service you want to use, and you will be asked to allow Northflank OAuth to identify you using their OAuth service.

You can now log in to Northflank by authenticating with your selected OAuth services, instead of entering the account's username and password.


You will still need to enter your one-time password when using single sign-on if you have multi-factor authentication enabled.

Multi-factor authentication

You can enable multi-factor authentication (MFA) from your account settings page for additional security. When enabled, you will also need to enter a one-time password (OTP) from an authenticator application every time you log in to your account, both by password or single sign-on.

Use your authenticator application to scan the QR code, or manually enter the secret to add your Northflank account. On Northflank, enter the one-time password generated by your authenticator application and your account password, then click enable OTP.


Make sure you copy your recovery code somewhere safe and secure. If you ever lose access to your authenticator application, you must use your recovery code to access your account.

Log in with recovery code

If you have lost access to your authenticator application, attempt to log in as normal. When you are asked for your one-time password, select lost access to authenticator app. Enter your username, password, and recovery code, and reset & log in. You will need to re-enable multi-factor authentication.

Disable multi-factor authentication

To disable MFA, navigate to your account settings page, select disable OTP, and enter your account password to confirm.

Team multi-factor authentication

Team administrators can check if team members have multi-factor authentication enabled from the members page in team settings. The 2FA column will display a green tick if a member has configured multi-factor authentication, and a red cross if they have not.

© 2023 Northflank Ltd. All rights reserved.