Skip to main content

Account Settings Overview

Your Pocketsflow account settings control your profile, security, and business identity. Access them at Settings → Account.

Profile Information

Basic Details

Manage your account identity and how you appear to customers: Available Settings:
FieldDescriptionRequirements
NameYour full name or business nameRequired, displayed on receipts
UsernameUnique identifier for your creator page3-30 characters, alphanumeric + hyphens
EmailPrimary contact emailMust be verified
AvatarProfile imageJPG/PNG, max 5MB
BioShort descriptionOptional, 500 characters max
LocationCity, CountryOptional
How to update:
  1. Go to Settings → Account
  2. Update any field
  3. Click Save Changes
  4. Verify email if changed (check inbox for confirmation link)

Username Requirements

Your username appears in your creator page URL: pocketsflow.com/@username Rules:
  • ✅ 3-30 characters
  • ✅ Letters, numbers, hyphens allowed
  • ✅ Must be unique across Pocketsflow
  • ❌ No spaces or special characters
  • ❌ Cannot start/end with hyphen
Checking availability: The system validates in real-time as you type. If taken, try variations or add numbers.

Authentication & Login

Auth0 Integration

Pocketsflow uses Auth0 for secure authentication with OAuth 2.0: Features:
  • Passwordless login via email magic links
  • Social login (Google, GitHub, etc.)
  • Automatic session management
  • Secure refresh token rotation
Managing your login:
  1. Go to Settings → Account → Login Methods
  2. See connected authentication providers
  3. Add or remove login methods
  4. Update password (if using email/password)

Password Best Practices

If using password authentication: ✅ DO:
  • Use a unique password (not reused elsewhere)
  • Make it 12+ characters with mixed case, numbers, symbols
  • Use a password manager (1Password, Bitwarden, etc.)
  • Update immediately if compromised
❌ DON’T:
  • Share your password with anyone
  • Use common passwords (“Password123”)
  • Reuse passwords from other sites
  • Write it down in insecure locations
Changing your password:
  1. Settings → Account → Security
  2. Click Change Password
  3. Enter current password
  4. Enter new password (twice)
  5. Click Update Password

Two-Factor Authentication (2FA)

Coming Soon: 2FA support is planned for a future release. Check the roadmap for updates.
When available, 2FA adds an extra security layer: Recommended setup:
  1. Use authenticator app (Google Authenticator, Authy, 1Password)
  2. Save backup codes securely
  3. Test logging in with 2FA before closing session
  4. Keep backup method (SMS) as fallback
Why 2FA matters:
  • Protects against password theft
  • Required for high-value accounts
  • Prevents unauthorized access even if password leaks
  • Industry best practice for financial platforms

Session Management

Active Sessions

View and manage logged-in devices: Where to check:
  • Settings → Account → Active Sessions
  • See device type, browser, location, last active
Managing sessions:
  • Sign out - Remove specific device
  • Sign out all devices - Force re-login everywhere (recommended if compromised)
Best practices:
  • Review sessions monthly
  • Sign out from unknown devices immediately
  • Avoid public/shared computers
  • Use private browsing on shared devices

Session Timeouts

Automatic logout:
  • Inactive for 30 days - automatic session expiration
  • Invalid token - immediate logout with redirect to login
  • Rate limit exceeded (429) - temporary lockout

Security Best Practices

Protect Your Account

1

Use strong authentication

Password + 2FA (when available) or passwordless magic links
2

Keep email secure

Your email is the recovery method - use strong password and 2FA on email too
3

Review activity regularly

Check sessions, login attempts, and account changes monthly
4

Be cautious with links

Verify pocketsflow.com domain, never click suspicious emails
5

Use official apps only

Only log in at app.pocketsflow.com or official mobile apps

Recognizing Phishing

Pocketsflow will NEVER:
  • ❌ Ask for your password via email or support ticket
  • ❌ Request your API keys or webhook secrets
  • ❌ Send suspicious links from non-pocketsflow.com domains
  • ❌ Demand immediate action to “verify” account
  • ❌ Ask for payment outside the dashboard
Red flags:
  • Emails from @gmail.com, @outlook.com (not @pocketsflow.com)
  • Spelling errors or poor grammar
  • Generic greetings (“Dear User”)
  • Urgent threats (“Account will be closed”)
  • Links to non-pocketsflow.com domains
If suspicious:
  1. Don’t click any links
  2. Forward to security@pocketsflow.com
  3. Delete the email
  4. Change password if you entered credentials

Account Recovery

Lost Access

If you can’t log in: Email-based recovery:
  1. Click Forgot Password on login page
  2. Enter your account email
  3. Check inbox for reset link (check spam)
  4. Click link and set new password
  5. Log in with new password
No access to email:
  1. Contact support@pocketsflow.com
  2. Provide account verification:
    • Username
    • Last 4 digits of connected bank account
    • Recent transaction details
  3. Support will verify identity and assist

Account Compromise

If your account was hacked:
1

Change password immediately

Use forgot password flow if locked out
2

Sign out all sessions

Settings → Account → Sign Out All Devices
3

Review recent activity

Check for unauthorized products, sales, or setting changes
4

Contact support

Email security@pocketsflow.com with details
5

Secure connected accounts

Update passwords for email, bank, PayPal, and payment accounts

Test Mode vs Live Mode

Pocketsflow operates in two modes to protect live data:

Test Mode

Purpose: Safe environment for development and testing Characteristics:
  • ⚙️ Separate database from live
  • 💳 Use payment gateway/PayPal test credentials
  • 🔄 No real money or transactions
  • 🧪 Perfect for experimenting with products, webhooks, APIs
  • 🔍 API keys prefixed with pk_test_
Visual indicator: Yellow banner “Test Mode” at top of dashboard Switching: Toggle in top navigation bar

Live Mode

Purpose: Production environment with real transactions Characteristics:
  • 💰 Real money, real customers
  • ✅ Requires identity verification (KYC)
  • 🏦 Connected bank account for payouts
  • 🔐 Production API keys (pk_live_)
  • 📊 All analytics and reporting
Visual indicator: No banner (clean interface) Requirements before going live:
  1. Complete identity verification
  2. Connect payment gateway or PayPal account
  3. Set up bank account for payouts
  4. Add at least one published product
  5. Configure tax settings (if applicable)

Identity Verification (KYC)

Why Verification is Required

For regulatory compliance and fraud prevention, Pocketsflow requires identity verification through our payment processor: Required for:
  • Receiving payouts
  • Going live with products
  • Processing customer payments
Information needed:
  • Full legal name
  • Date of birth
  • Home address
  • Government ID (passport, driver’s license)
  • Tax ID / SSN (US) or equivalent
  • Bank account details

Verification Process

1

Start verification

Go to Settings → Payments → Complete Verification
2

Identity verification session

Redirected to secure identity verification portal
3

Upload documents

Take photo of ID, selfie for verification
4

Wait for review

Usually instant, may take 1-2 business days
5

Approval notification

Email confirmation when verified
Status tracking:
  • Pending - Submitted, awaiting review
  • Processing - Under manual review
  • Verified - Approved, can receive payouts
  • Requires Input - Additional documents needed

Verification Issues

Common problems:
IssueSolution
ID photo blurryRetake in good lighting, keep camera steady
Name mismatchUse exact legal name on ID
Address doesn’t matchUpdate to current address on ID
UnderageMust be 18+ in most countries
Still having issues? Contact support@pocketsflow.com with your verification session ID

Account Deletion

Requesting Deletion

To permanently delete your account:
This action is irreversible. All products, customers, sales data, and settings will be permanently deleted.
Before deleting:
  • ✅ Export all customer data (Settings → Customers → Export)
  • ✅ Download sales reports (Settings → Analytics → Export)
  • ✅ Complete pending payouts
  • ✅ Inform active subscribers (subscriptions will be canceled)
  • ✅ Backup product files and content
Deletion process:
  1. Settings → Account → Delete Account
  2. Review what will be deleted
  3. Enter password to confirm
  4. Click Permanently Delete Account
  5. Confirm via email link
What happens:
  • Account immediately deactivated
  • Customer access revoked within 24 hours
  • Data permanently deleted after 30-day grace period
  • Payment gateway/PayPal accounts disconnected
  • Custom domains released
Grace period: 30 days to recover account by contacting support. After that, deletion is permanent.

Security Checklist

Monthly Review

  • ✅ Check active sessions, sign out unknown devices
  • ✅ Review recent login activity
  • ✅ Update password if using same password elsewhere
  • ✅ Verify account email still accessible
  • ✅ Check for any unauthorized products or settings changes

Immediate Action If Suspicious

  • ✅ Change password immediately
  • ✅ Sign out all devices
  • ✅ Review recent account activity
  • ✅ Contact security@pocketsflow.com
  • ✅ Check connected bank/payment accounts

Ongoing Protection

  • ✅ Use password manager
  • ✅ Enable 2FA (when available)
  • ✅ Keep email secure
  • ✅ Don’t share credentials
  • ✅ Verify emails before clicking links
  • ✅ Only use official Pocketsflow URLs

Payment Settings

Configure payment gateway and PayPal

Payout Settings

Set up bank account and payouts

API Keys

Manage developer access

Tax Configuration

Set up tax collection