Skip to main content

Account

The account page is dormant during the current private beta. The shipped e2e path is beta-key-only: use /login with the operator-issued API key from the Nullspace team. Self-serve accounts, profile editing, key minting, export, and deletion stay documented here because the plumbing remains in the API and console for a later launch flip. When self-serve Auth is enabled, this page uses your Supabase session and never asks for a runtime API key.

Profile

The profile panel shows the account email, display name, avatar URL, email verification state, and current quota tier. Display name and avatar URL are optional.

Quotas

The quota panel shows the active tier and recent daily usage. Self-serve sandbox create and timeout-extension requests are charged against the owning team’s tier. When quota is exhausted, the API returns: 
{
  "error": "Daily sandbox create quota exceeded (100/100 for 2026-05-02). See https://docs.nullspace.io/account#quotas.",
  "code": "QUOTA_EXCEEDED",
  "request_id": "req_..."
}
Operators can override a user’s tier from /admin. The override updates both the user record and the user’s personal team.

Runtime API keys

Runtime API keys authorize SDK, CLI, and raw HTTP API requests. Create keys from the API Keys page after self-serve Auth is re-enabled. During private beta, operator-issued beta keys are the only active user key path. Key actions:
  • Create: mint a new key and reveal it once.
  • Rotate: create a replacement key and schedule the old key to expire after the overlap window.
  • Revoke: deactivate a key immediately.

Export

After self-serve Auth is re-enabled, use account export when you need a JSON snapshot of account metadata, teams, key metadata, quota usage, and sandbox metadata. Export does not reveal API key secrets because Nullspace stores only key hashes after creation.

Deletion

After self-serve Auth is re-enabled, account deletion is two-stage:
  1. A verified user requests deletion from the account page.
  2. The account is soft-deleted and scheduled for hard deletion.
  3. An operator can hard-delete the account from /admin after active resources are gone.
Hard delete is blocked while the account still has active sandboxes, runtime assignments, active shared-volume resources, or active desktop viewer sessions. Blocked and successful hard-delete attempts are recorded in the operator audit table.

Operator access

When the operator console is enabled, the /admin console route and /v1/admin/* APIs require a verified Supabase session whose public.users.is_operator flag is true. Operators can search users, inspect account details, set quota tier overrides, mint beta-compatible operator keys, and hard-delete soft-deleted accounts.