restorable docs
Start here

Sign up

Signing up takes under a minute. Two screens: your email and a code from your inbox. You land in the dashboard with an empty org ready for your first agent.

Before you start

Have these at hand:

  • An email address you can check right now. One user per email address.
  • A name for the org. It shows in the dashboard header and on the weekly evidence email. You can change it later.

The flow

  1. Open app.restorable.app/signup. Enter your email and a name for the org. Submit.
  2. An eight-character code lands in your inbox from mail@restorable.app within a minute. The subject reads "Your Restorable signup code." The code is two groups of four uppercase characters separated by a hyphen.
  3. Type the code into the second screen and submit.
  4. Choose a plan (Starter, Pro, or Team) and complete payment via Mollie. Once payment is confirmed, the dashboard opens on Agents → Add machine with an install one-liner pre-filled.

Codes use uppercase letters and digits, with visually ambiguous pairs like 0/O and 1/I excluded. They are single-use, valid for fifteen minutes, and rate-limited per IP and per email to keep guessing and email flooding in check.

Restorable uses a typed code rather than a clickable link on purpose. Corporate mail scanners often pre-open links, which consumes a one-time token before the real user sees it. A code you type back by hand sidesteps the whole class of problem.

What exists after signup

One organisation with the name you chose. One user, you, with the owner role. An active subscription on the plan you selected. An empty list of agents, sources, receipts, and events.

The org has a slug derived from the name. Lowercased, non- alphanumeric characters become hyphens, leading and trailing hyphens are trimmed. The slug appears in dashboard URLs and in agent configuration. The display name is editable later; the slug is fixed at signup.

Troubleshooting

The code did not arrive

Check spam. The mail comes from mail@restorable.app with subject "Your Restorable signup code." Wait two minutes, then resubmit the signup form with the same email to resend. The previous code is invalidated.

Two other reasons the mail might not arrive:

  • You already have an account on that email. The signup endpoint deliberately returns the same response whether the email is new or already registered, to avoid becoming an address-enumeration oracle. If nothing arrives, try log in with that email first.
  • Your mail provider is rejecting mail from restorable.app. Rare, but visible if you see other restorable.app mail going missing as well. Email simon@hackerman.co with the address you tried and we sort it out manually.

The code expired

Codes are valid for fifteen minutes. Resubmit the signup form to receive a fresh one.

I typed the code wrong too many times

After five wrong attempts on a single code, the code is burned and a new one has to be issued. Resubmit the signup form to get one. The rate limit resets on the next calendar hour.

The org name has a typo

Fix the display name in Settings once you are in the dashboard. The slug generated at signup is the one that stays.

What the signup endpoints do

For readers who want the implementation shape, to match:

  1. POST /api/auth/signup with a JSON body carrying email and org_name. Rate-limited per IP and per email. The orchestrator stashes a pending signup record keyed by the email address, generates the code, and sends the email via Scaleway TEM. No org row is created yet.
  2. POST /api/auth/signup/verify with a JSON body carrying email and code. On success, the orchestrator creates the org, creates the first user, sets a session cookie, and returns a redirect path. A fifth wrong attempt on the same code burns it.
  3. Pending signups that are never completed expire after a day and drop from the table.

Next

Install the agent on a host of your choice. The quickstart covers the happy path end to end. To understand what you are setting up first, read Agent, receipt, orchestrator.