Skip to main content
All help topics

For admins

Per-tenant login + password recovery

Every workspace has its own login, forgot-password, and reset pages — branded with that workspace's logo/colors/fonts.

Pages

  • /p/<tenant>/login — branded sign-in
  • /p/<tenant>/forgot-password — email + send link
  • /p/<tenant>/reset-password/<token> — set a new password
  • /p/<tenant>/accept-invite/<token> — accept an invite + set initial password

Tenant-scoped tokens

Tokens carry a signed tenant binding. A link issued for tenant A is rejected if it lands inside tenant B's portal — even if the URL slug is swapped manually.

Sign-in routing

  • Instructors + admins land on /dashboard.
  • Students land on /p/<tenant>/courses.

Why per-tenant (not one shared login)

Each workspace's accounts are completely separate, and so is its login. That means a student sees only your brand when they sign in — your logo, colours and name — never a generic platform login. It also keeps data cleanly isolated: someone with an account at one academy isn't automatically known to another.

Common questions

  • Is there one password across academies? No — each workspace is its own account namespace; a learner signs in per academy.
  • Can a reset link be reused on another workspace? No — tokens are tenant-bound and rejected if the slug is swapped.
  • Where do invited users set their password? On the branded accept-invite page from the invite email.
  • Does it work on my custom domain? Yes — these pages render under your domain with your branding once it's connected.

Related