Help
Can't sign in?
Pick the situation that matches yours — each section is independent. Nothing here sends you in circles to another help page.
Work email or SSO
You normally open /sign-in and enter your email (or use Google / SAML).
Shared passphrase
Your organisation uses one passphrase at /login instead of personal accounts.
Work email or SSO
Accounts are handled by Clerk — Blackglass never stores your password. Use the forgot- password flow on the sign-in screen and check your inbox (including spam).
- Open sign-in.
- Enter your email and continue until you see the password field.
- Choose Forgot password? (wording may vary slightly). Clerk emails you a secure link to set a new password.
SSO or Google? Use the same provider buttons as usual on sign-in. If the identity provider rejects you, your IT admin has to fix IdP access — not something we can reset from Blackglass.
Open sign-inShared passphrase (/login)
Some teams sign in at /login with one passphrase for the whole deployment. That value is not recoverable by email — it lives only in your hosting provider as AUTH_ADMIN_PASSWORD.
Locked out
Someone with access to the deployment must set a new passphrase and wait for the app to finish redeploying.
DigitalOcean App Platform
- Open Apps in the DigitalOcean control panel.
- Select your Blackglass app → Settings → Components → web → Environment Variables.
- Edit
AUTH_ADMIN_PASSWORD, save a new strong value, then wait until the deployment shows ACTIVE. - Sign in at /login with the new passphrase.
Already signed in
Ask whoever operates the deployment to rotate AUTH_ADMIN_PASSWORD in the same screen when you want to roll the passphrase without being locked out.
Advanced options (API / CLI / scripts): see docs/passphrase-recovery.md in the source repository.