FAQ — Frequently Asked Questions
Short answers to recurring questions. Every answer points to the full guide with both the GUI and API path. If something isn’t working, Troubleshooting often helps directly.
Account & Login
Section titled “Account & Login”Do I automatically get an email as a new user?
Section titled “Do I automatically get an email as a new user?”Not necessarily. When an administrator creates you via “Add User”, they typically set an initial password — no email is sent in that case. Only the separate “Send Invitation” action sends a secure invitation link (a one-time link, never the password in plain text). Details: Creating a user — what happens behind the scenes?.
Why am I forced to set up 2FA?
Section titled “Why am I forced to set up 2FA?”Because your instance or your tenant makes two-factor authentication mandatory. You can log in, but you’re immediately taken to setup before you can use Notory. Here’s how to set it up: Set up 2FA.
I forgot my password — what now?
Section titled “I forgot my password — what now?”If self-service reset is enabled, use the “Forgot password?” link on the login page. Otherwise, an administrator resets your password for you. Both paths: Reset your password.
After several failed attempts I can no longer get in.
Section titled “After several failed attempts I can no longer get in.”After 5 failed sign-in attempts, Notory locks the account for 15 minutes. After that it unlocks automatically — or an administrator can lift the lock early.
Can I switch between multiple tenants?
Section titled “Can I switch between multiple tenants?”No. The tenant is permanently bound to your account (or your API token); there is no switcher in the interface. Anyone working across multiple tenants needs a separate account per tenant. Background: Switching between tenants.
Assets & Data
Section titled “Assets & Data”How do I create my first asset?
Section titled “How do I create my first asset?”Open the Assets module → “Add Asset” → fill in Name and Type → “Create”. Step by step (GUI and API): How do I create an asset?
Does the CSV import detect duplicates?
Section titled “Does the CSV import detect duplicates?”No. Every valid row is created as a new asset — import the same file
twice and you get duplicates. Invalid rows are silently skipped (only noted
in the log); the result message only reports the number of imported and
skipped records. Required columns are asset_type and name. Details and a
sample template: CSV import.
Rows are missing after an import — why?
Section titled “Rows are missing after an import — why?”Because they failed validation and were silently skipped (for example an
empty name, an unknown asset_type, or an empty cell in a typed column such
as date/number). This produces no error code. See
Troubleshooting → CSV import.
Can I restore deleted assets?
Section titled “Can I restore deleted assets?”Yes. Deleted assets go to the recycle bin and can be restored from there. Note: assets in the recycle bin still count toward your asset limit. See Recycle bin & restoring.
How do I export my data for a backup?
Section titled “How do I export my data for a backup?”Via Import & Export, as CSV or JSON. The JSON export works well as a complete backup of your inventory: Exporting your inventory.
Licenses & Plans
Section titled “Licenses & Plans”Why is a module grayed out or not visible at all?
Section titled “Why is a module grayed out or not visible at all?”Usually because of your plan: many modules (Software, Certificates, Compliance, SSO, Multi-Tenant, Discovery, and others) only become available from Professional, with Provisioning and Webhooks from Elite. In addition, a module can be disabled instance-wide, or your role may not have sufficient permissions. Diagnostic order: Troubleshooting → Module not visible.
How many assets does my plan allow?
Section titled “How many assets does my plan allow?”Guideline values: Basic 250, Professional 2,500, Elite 5,000.
What actually applies is the intersection of the tenant plan and the
product license (max_assets). Once the limit is reached, Notory rejects
new entries with 403 — existing data is left untouched. Details:
Understanding limits.
Will I be warned before certificates or licenses expire?
Section titled “Will I be warned before certificates or licenses expire?”There is no automatic notification (no email, no webhook before expiry). Notory shows “expiring soon” as a live-calculated 30-day window in the respective overviews — so you need to actively check. See Certificates: Monitoring expiry and Software: Costs & Expiry.
How do I install a new license?
Section titled “How do I install a new license?”The product license is not uploaded — it’s stored as the environment
variable LICENSE_KEY in .env; the new tier takes effect after a
restart. The plan assignment per tenant is then handled in tenant
management. Guide: Installing a license.
API & Integration
Section titled “API & Integration”How do I authenticate with the API?
Section titled “How do I authenticate with the API?”With an API token as a bearer header (Authorization: Bearer inv_…). You
create tokens under Settings → API Tokens; the token is shown in plain
text only once. Basics: API Getting Started,
management: Creating a token.
Is there an SDK?
Section titled “Is there an SDK?”No, and none is needed: Notory ships the OpenAPI spec at /api/openapi.json.
You can feed it into an OpenAPI generator to produce a typed client in any
language. To try it out, there’s the
API Reference (Scalar).
Which webhook events can I subscribe to?
Section titled “Which webhook events can I subscribe to?”In production, currently exactly one event fires: asset.created
(plus the test event ping). There is no automatic retry — every event is
delivered at most once. Details:
Webhook events and
Errors & retries.
How do I make sure a webhook really comes from Notory?
Section titled “How do I make sure a webhook really comes from Notory?”Via the signature in the X-Webhook-Signature: sha256=… header
(HMAC-SHA256 over the raw body using your webhook secret). Verification
examples in Python, Node, and OpenSSL:
Verifying the signature.
Administration
Section titled “Administration”Who is allowed to manage users, roles, and modules?
Section titled “Who is allowed to manage users, roles, and modules?”The Administrator role can create users and assign roles; instance-wide module toggling is reserved for the Super Admin. The full permission matrix: Roles & Permissions.
Does an SSO button automatically appear for colleagues with a company login?
Section titled “Does an SSO button automatically appear for colleagues with a company login?”Only if an SSO provider is configured for the exact email address and the account already exists. Detection works per address, not per domain — brand-new users won’t see the button until their account has been created. Background: Email discovery.
Can I adapt the look and feel to match our branding?
Section titled “Can I adapt the look and feel to match our branding?”Yes — primary/secondary color, logo, and footer legal links can all be set per tenant; the colors apply UI-wide (including hover states and contrast checking). See Branding.