AgentCollision AgentCollision Docs

Account

Manage your AgentCollision identity, security settings, and the link between your accounts and this laptop. Most of what's on this page lives in the dashboard's Account page; the CLI bits are noted inline.

Profile

Your display name is shown to teammates on the dashboard's Team page and in audit log entries. Edit it from Account → Profile. The change is live immediately.

Email is read-only on this panel because it's also your sign-in identity. To change it, open the Change email modal — we send a confirmation link to the new address. The change doesn't take effect until you click that link, so a typo can't lock you out.

Password

Changing your password requires confirming the current one. The dashboard re-authenticates against POST /v1/user/reauthenticate before letting the change through, which is why you'll be asked to type the existing password even though you're already signed in.

When the change succeeds, every other device signed into your account is signed out. The session you used to make the change keeps working — everything else has to sign in again with the new password. This is intentional: if your old password leaked, the attacker loses access the moment you rotate.

Two-factor authentication

Open Account → Security → Two-factor authentication to enable TOTP. The dashboard calls Supabase's mfa.enroll, shows a QR code, and asks you to confirm with a code from your authenticator app. After enrollment, sign-in requires AAL2 — password plus a fresh TOTP code.

At enrollment time you'll also see a one-time list of recovery codes (generated server-side via POST /v1/user/mfa/recovery-codes). Print them or stash them in a password manager — if you lose your authenticator, they're the only way back in. You can regenerate the list at any time, but doing so invalidates the previous set.

# If you're locked out and have no recovery codes:
# email support@agentcollision.com from the address on the account.

Sessions

The Sessions tab lists where your account is currently signed in. Each row shows browser, OS, IP city, and last-active timestamp. Use Sign out everywhere to invalidate all sessions except the current one — useful if you've signed in on a public machine and forgot to sign out.

Multi-session listing depends on a Supabase upgrade we're rolling out gradually. If your panel only shows the current session, that account is still on the older single-session view; Sign out everywhere still works.

Account deletion

To delete your account, open Account → Danger zone → Delete account. We send a confirmation link to your email; clicking it starts a 30-day grace period during which the account is suspended but recoverable. After 30 days, all data is hard-deleted — teams you owned are transferred or dissolved per the rules below, audit logs are anonymized, and the email becomes available for reuse.

Deletion is blocked while either of these is true:

If you change your mind during the grace period, sign in and click Cancel deletion from the banner.

Multi-account on one machine

You can be signed into more than one AgentCollision team from the same laptop. Each agc login registers a new team locally without disturbing the existing ones. The daemon binds to exactly one of them at a time — that's the team whose dashboard sees this laptop as Active.

agc team ls
# * merkle      team_a1b2c3d4   admin
#   acme-corp   team_e5f6g7h8   member

agc team switch acme-corp
# Switched. acme-corp's dashboard will pick up this laptop on the next heartbeat.

From the dashboard, the Switch this laptop to this team button on the "Almost there" panel does the same thing in one click. See the full command list under Team commands, and the related troubleshooting entry at multi-account "almost there".

Need help?

Email support@agentcollision.com for anything that doesn't have a self-serve path on this page — recovery, billing changes, locked-out admins, GDPR requests.