ContentFlows/Documentation

In this section

OverviewGetting startedAuthentication & loginBrand configurationConnecting channelsContent pipelineBilling & plansTroubleshooting & tokens

Authentication & login

ContentFlows uses TOTP (Time-based One-Time Password) as the only login method. There is no email OTP fallback — every login requires a valid 6-digit code from your authenticator app. This design keeps your account secure without relying on email deliverability.

Why TOTP only?

Email-based login codes depend on your inbox being accessible and email delivery being reliable. TOTP codes are generated locally on your phone — they work offline, expire every 30 seconds, and cannot be intercepted in email.

Every admin account requires TOTP enrollment before any dashboard access is granted.

First login: TOTP enrollment

When you log in for the first time, ContentFlows will detect that your account is not enrolled and show the Authenticator Setup screen.

Step 1 — Install an authenticator app

You can use any TOTP-compatible app. Common choices:

  • Google Authenticator — iOS / Android (free)
  • Authy — iOS / Android / Desktop, supports cloud backup
  • 1Password — built-in TOTP if you use a password manager
  • Microsoft Authenticator — iOS / Android

[DIAGRAM: QR code enrollment screen → phone scanning → 6-digit code entry]

Screenshot of the TOTP enrollment screen with QR code placeholder goes here.

Step 2 — Scan the QR code or enter the key manually

ContentFlows displays a QR code on the enrollment screen. Open your authenticator app, tap Add account or the + icon, and scan the code.

If your app doesn't have a scanner, tap Enter key manually and type in the secret key shown below the QR code.

Save your secret key

Store the secret key in a safe place (your password manager, a printed backup). If you lose access to your authenticator app and have no recovery key, you will need to contact support to reset your TOTP enrollment.

Step 3 — Confirm with your first code

After scanning, your app will show a 6-digit code that refreshes every 30 seconds. Enter it into the confirmation field and click Activate. Enrollment is complete.

Subsequent logins

After enrollment, every login follows this flow:

  1. Enter your email address and click Continue.
  2. ContentFlows checks if your account is enrolled — it is, so you see the TOTP input screen.
  3. Open your authenticator app, find the ContentFlows entry, and enter the current 6-digit code.
  4. You are logged in and redirected to the dashboard.

[DIAGRAM: login flow — email entry → TOTP check → 6-digit input → dashboard]

Login flow diagram goes here.

Lost access to your authenticator app?

If you have lost your phone or deleted your authenticator app:

  • If you saved your secret key, re-add it manually to a new authenticator app using the Enter key manually option.
  • If you use Authy with cloud backup, restore your codes to a new device.
  • If you have no recovery options, contact support with proof of account ownership and we will reset your TOTP enrollment.

Multiple admin users

Each admin user has their own separate TOTP enrollment tied to their email. If you need to add another admin to your tenant, contact support — multi-admin management is coming to the dashboard soon.

Session expiry

Admin sessions expire after a period of inactivity. You will be returned to the login screen and must re-authenticate with your TOTP code. Sessions are not persistent across browser restarts by default.