Personal Settings
Manage your profile, API keys, and account security
Personal Settings
Manage your personal profile information, API keys, and account security settings. After opening Settings from the user menu, you can use the Profile, Keys, Security, and Account tabs to switch between sections.
Profile Settings
Update and manage your personal profile information:
Navigate to Settings
Click the user profile icon in the top right corner, then click "Settings" in the dropdown menu.
Select Profile Tab
Click on the "Profile" tab.
Update Information
Update your personal information:
- First Name
- Last Name
- Phone
- Bio
Save Changes
Click "Submit" to save your updates, or "Cancel" to discard changes.
Your profile information may be visible to other members of your organisation depending on your privacy settings.
API Keys
The API Keys page is for programmatic access to the platform. The page reminds you to keep these keys safe.
Accessing Your API Keys
Navigate to Settings
Click the user profile icon in the top right corner, then click "Settings" in the dropdown menu.
Select Keys Tab
Click on the "Keys" tab (alongside Profile, Security, and Account).
View Your Keys
The page lists your user tokens (e.g. User Token 1, User Token 2). Values are masked by default. Use the eye icon to reveal a token and the copy (clipboard) icon to copy it.
Copy Keys
Copy and save your tokens securely for programmatic access. User tokens are used to authenticate with the Core API (and may be prefixed with u- in API responses).
Using Personal API Keys
Personal API keys are used to authenticate with the Core API:
curl -X POST "https://api.requestrocket.com/clients" \
-H "Content-Type: application/json" \
-H "Authorization: {your_user_token}" \
-d '{
"clientName": "My Organisation"
}'Learn more about the Core API →
Security Note: Never share your API keys with others or commit them to public repositories. API keys are personal and grant access to your account - they should be protected like passwords.
Securing API Keys
- Store Securely: Use environment variables or secrets management systems
- Rotate Regularly: Periodically generate new keys and update applications (coming soon)
- Monitor Usage: Check for unusual activity in your account
- Limit Exposure: Only share keys with trusted applications
- Revoke When Needed: If a key is compromised, contact support immediately
Security
The Security tab is where you manage password reset and sign out. RequestRocket uses AWS Cognito for authentication.
Resetting Your Password
The Security page instructs: "To reset your password please logout and click 'forgot password' when you next login." Use the Logout button on that page (or sign out from the user menu), then follow the steps below.
Log Out
Click "Logout" on the Security tab (or use Logout in the user menu).
Access Login Page
Navigate to the login page when you next sign in.
Click Forgot Password
Click the "forgot password" (or "Forgot my password") link on the login page.
Enter Email
Enter your registered email address.
Check Email
You'll receive a verification code via email.
Enter Code
Enter the verification code and set your new password.
Confirm Reset
Complete the password reset process.
The verification code is time-limited for security. If it expires, you can request a new code.
Password Requirements
When setting a new password, ensure it meets these requirements:
- Minimum 8 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least one special character
Two-Factor Authentication (2FA)
Multi-factor authentication (MFA) for user login is planned for implementation in 2026. This will add an extra layer of security to your account.
When MFA is available, you'll be able to:
- Enable/disable MFA for your account
- Use authenticator apps (Google Authenticator, Authy, etc.)
- Configure backup codes
- Manage trusted devices
Privacy Settings
Control how your information is shared within organisations:
Profile Visibility
Configure what information is visible to other organisation members:
- Full name
- Email address
- Profile picture
- Bio/description
Activity Visibility
Control visibility of your activity:
- Recent actions
- Resource creation
- API usage statistics
Notification Preferences
Manage how and when you receive notifications:
Email Notifications
Configure email notifications for:
- Organisation invitations
- Security alerts
- System updates
- Usage alerts
- Billing notifications
In-App Notifications
Configure in-app notifications for:
- Real-time alerts
- Request failures
- Proxy status changes
- Team activity
Account
The Account tab is titled "Personal Account". You can leave feedback or delete your account from this page.
Account Deletion
Account deletion is permanent and cannot be undone. All your personal data, credentials, and configurations will be permanently deleted. This includes any clients you've created where you are the sole remaining admin.
Before deleting your account:
- Export any important data
- Transfer ownership of organisations or ensure other admins exist
- Remove yourself from shared organisations
- Cancel any active subscriptions
To delete your account, go to Settings → Account and click the red "Delete" button. You may use "Feedback" first if you want to share why you're leaving.
Troubleshooting
Cannot Reset Password
Issue: Not receiving password reset email
Solutions:
- Check your spam/junk folder
- Verify the email address is correct
- Wait a few minutes and try again
- Contact support if the issue persists
Cannot Access API Keys
Issue: Keys tab or API Keys page not visible
Solutions:
- Ensure you're logged in
- Open Settings from the user menu and select the Keys tab
- Contact support if the problem continues
Profile Changes Not Saving
Issue: Updates to profile information don't persist
Solutions:
- Check for validation errors in the form
- Ensure all required fields are completed
- Try refreshing the page and updating again
- Clear browser cache and cookies
Security Practices
1. Use Strong Passwords
- Use a unique password for RequestRocket
- Consider using a password manager
- Don't reuse passwords from other services
2. Protect Your API Keys
- Store keys securely (environment variables, secrets managers)
- Never commit keys to version control
- Rotate keys regularly
- Monitor key usage
3. Monitor Account Activity
- Regularly review your account activity
- Check for unauthorized access
- Review organisation memberships
- Monitor API usage patterns
4. Keep Information Updated
- Maintain current email address
- Update contact information
- Review privacy settings periodically
- Keep profile information accurate
5. Enable Security Features
- Enable MFA when available (2026)
- Use strong password policies
- Review security alerts promptly
- Keep recovery information updated
Support
From the user menu, Support opens the "Get Help / Give Feedback" page. Use it to ask for help or send feedback. The form includes:
- Select a Category — choose the type of request
- Title — short summary
- Describe your issue — details of your question or feedback
Click Submit to send, or Reset to clear the form.