Skip to content

FAQ — Frequently Asked Questions

Short answers to recurring questions. Every answer points to the full guide with both the GUI and API path. If something isn’t working, Troubleshooting often helps directly.

Do I automatically get an email as a new user?

Section titled “Do I automatically get an email as a new user?”

Not necessarily. When an administrator creates you via “Add User”, they typically set an initial passwordno email is sent in that case. Only the separate “Send Invitation” action sends a secure invitation link (a one-time link, never the password in plain text). Details: Creating a user — what happens behind the scenes?.

Because your instance or your tenant makes two-factor authentication mandatory. You can log in, but you’re immediately taken to setup before you can use Notory. Here’s how to set it up: Set up 2FA.

If self-service reset is enabled, use the “Forgot password?” link on the login page. Otherwise, an administrator resets your password for you. Both paths: Reset your password.

After several failed attempts I can no longer get in.

Section titled “After several failed attempts I can no longer get in.”

After 5 failed sign-in attempts, Notory locks the account for 15 minutes. After that it unlocks automatically — or an administrator can lift the lock early.

No. The tenant is permanently bound to your account (or your API token); there is no switcher in the interface. Anyone working across multiple tenants needs a separate account per tenant. Background: Switching between tenants.

Open the Assets module → “Add Asset” → fill in Name and Type“Create”. Step by step (GUI and API): How do I create an asset?

No. Every valid row is created as a new asset — import the same file twice and you get duplicates. Invalid rows are silently skipped (only noted in the log); the result message only reports the number of imported and skipped records. Required columns are asset_type and name. Details and a sample template: CSV import.

Because they failed validation and were silently skipped (for example an empty name, an unknown asset_type, or an empty cell in a typed column such as date/number). This produces no error code. See Troubleshooting → CSV import.

Yes. Deleted assets go to the recycle bin and can be restored from there. Note: assets in the recycle bin still count toward your asset limit. See Recycle bin & restoring.

Via Import & Export, as CSV or JSON. The JSON export works well as a complete backup of your inventory: Exporting your inventory.

Why is a module grayed out or not visible at all?

Section titled “Why is a module grayed out or not visible at all?”

Usually because of your plan: many modules (Software, Certificates, Compliance, SSO, Multi-Tenant, Discovery, and others) only become available from Professional, with Provisioning and Webhooks from Elite. In addition, a module can be disabled instance-wide, or your role may not have sufficient permissions. Diagnostic order: Troubleshooting → Module not visible.

Guideline values: Basic 250, Professional 2,500, Elite 5,000. What actually applies is the intersection of the tenant plan and the product license (max_assets). Once the limit is reached, Notory rejects new entries with 403 — existing data is left untouched. Details: Understanding limits.

Will I be warned before certificates or licenses expire?

Section titled “Will I be warned before certificates or licenses expire?”

There is no automatic notification (no email, no webhook before expiry). Notory shows “expiring soon” as a live-calculated 30-day window in the respective overviews — so you need to actively check. See Certificates: Monitoring expiry and Software: Costs & Expiry.

The product license is not uploaded — it’s stored as the environment variable LICENSE_KEY in .env; the new tier takes effect after a restart. The plan assignment per tenant is then handled in tenant management. Guide: Installing a license.

With an API token as a bearer header (Authorization: Bearer inv_…). You create tokens under Settings → API Tokens; the token is shown in plain text only once. Basics: API Getting Started, management: Creating a token.

No, and none is needed: Notory ships the OpenAPI spec at /api/openapi.json. You can feed it into an OpenAPI generator to produce a typed client in any language. To try it out, there’s the API Reference (Scalar).

In production, currently exactly one event fires: asset.created (plus the test event ping). There is no automatic retry — every event is delivered at most once. Details: Webhook events and Errors & retries.

How do I make sure a webhook really comes from Notory?

Section titled “How do I make sure a webhook really comes from Notory?”

Via the signature in the X-Webhook-Signature: sha256=… header (HMAC-SHA256 over the raw body using your webhook secret). Verification examples in Python, Node, and OpenSSL: Verifying the signature.

Who is allowed to manage users, roles, and modules?

Section titled “Who is allowed to manage users, roles, and modules?”

The Administrator role can create users and assign roles; instance-wide module toggling is reserved for the Super Admin. The full permission matrix: Roles & Permissions.

Does an SSO button automatically appear for colleagues with a company login?

Section titled “Does an SSO button automatically appear for colleagues with a company login?”

Only if an SSO provider is configured for the exact email address and the account already exists. Detection works per address, not per domain — brand-new users won’t see the button until their account has been created. Background: Email discovery.

Can I adapt the look and feel to match our branding?

Section titled “Can I adapt the look and feel to match our branding?”

Yes — primary/secondary color, logo, and footer legal links can all be set per tenant; the colors apply UI-wide (including hover states and contrast checking). See Branding.