Account management
Sign up
In order to use balena and deploy code to devices you will need a balena account.
If you don't already have an account head over to our signup page. You can sign up with a GitHub or Google account or via an email address. When you create your account, you will be asked to create a password for the account. Your password needs to be at least 8 characters long.
Password reset
If you forget your password, you may request to reset it via the password reset page. Enter the email address associated with your balenaCloud account. If the email address has an associated account, a password reset link will be sent to that address. Following the link, you will be able to enter a new password.
Add a password to social login
To add a password to an account created with a social login (Google, Github), navigate to the Preferences page found by clicking on your profile in the top right of the dashboard. Under the Account details tab you can set a password for your account.
Access tokens
Access tokens are used for authentication in the balena API, CLI, and Node.js and Python SDKs. They are managed in the Access tokens tab of the Preferences page, which can be found via the dropdown menu in the upper-right corner of the dashboard:
There are two types of access tokens: session tokens and API keys. Both authentication types provide user-level permissions, meaning any user or application with one of these tokens can make changes across devices, fleets, and the user account.
Session tokens
Session tokens are retrieved from the Preferences page, and they can be refreshed with the API. These tokens expire after seven days, and they cannot be revoked.
API keys
API keys are named tokens that do not expire and can be revoked as needed. To create a new API key, make sure you are in the Access tokens tab of the Preferences page, then select Create API key:
You'll see a required field for Token name, as well as an optional field for Token description:
When you click Create token, you will see a dialog with the new API key:
Warning: This is your only opportunity to see the key, so make sure to download or copy to a secure location!
After you close the dialog, you'll see your API key in the list, complete with name, date of creation, and description:
To revoke one or more API keys, select the boxes to the left of the tokens you wish to remove, then click Delete selected:
API keys can also be generated using the API, CLI, and Node.js and Python SDKs.
Fleet members
When a fleet needs to be shared with more than one user, the fleet owner can add new members. Check out fleet members to understand member types, how to add a member and more.
Two-factor Authentication
We offer the option to enable Two-factor Authentication - this is a feature that prompts you to input a code from your smartphone/computer in addition to your password, providing an additional layer of security for your account.
Note: We use the industry standard Time-based One-time Password Algorithm to implement this functionality.
Enabling Two-factor Authentication
Sign up for an account (or log in if you already have one) and go to your preferences page. From here, click on the Two-factor Authentication tab then click Enable two-factor authentication to enable:
Next, you will be shown a QR code and prompted for a pairing code as shown below:
Note: Two-factor authentication will only be enabled once you have finished configuring it against your smartphone/computer, so no need to worry about logging out before finishing the configuration then not having access to your account!
In order to use your phone/computer as your added layer of security you will need to download a free authenticator app. There are many available, but one that works well and has been successfully tested against balena is Google Authenticator - download it for Android or iOS.
Once installed, navigate to the barcode scanner:
Note: The Android app is shown here - if you already have accounts installed, tap the 3 vertical dots in the top right-hand corner and select 'Set up account', otherwise you should be given the option when you first start the app.
When you tap the option to scan a barcode your phone will turn on your camera and all you need to do to pair with your account is to simply point it at the QR code displayed on your monitor.
Once configured, you'll see a 6 digit generated code with a graphic beside it indicating a countdown. Once the countdown expires, the code becomes invalid:
Next, you'll need to input the displayed code into the 'Pairing code' input on the preferences page. If successful, you will be shown recovery codes that may be used in the event that you cannot access your two-factor authentication app. These codes should be downloaded and stored in a safe place.
Once you've downloaded your recovery codes and clicked OK, the next time you log in, you will be prompted for the code displayed in your authenticator app after you've input your username and password. Enjoy your added layer of security!
To disable two-factor authentication, visit the Two-factor Authentication tab of the Account Preference and click Disable two-factor authentication. You will be prompted for your account password before it is disabled.
List of verified authenticator apps
Delete account
If you wish to delete your balenaCloud account, go to your Preferences page, and under the Account Details tab, select the Delete Account button. You will need to confirm this action by entering your password. If your account does not have a password, you will be prompted to set one in your account preferences. Upon confirmation, the account will be permanently deleted, including all fleets and devices. If you would also like to request deletion of your data in accordance with GDPR, please refer to the instructions in our privacy policy.