Settings
The Settings page is split into five sections, in order down the left rail: Preferences, Notifications, Check defaults, Retention, Danger zone. Every panel stays mounted as you switch between them, so unsaved changes survive a tab change. A beforeunload confirm and a sidebar prompt warn you if you try to leave with unsaved work.
Preferences
UI personalisation. Stored in your browser’s localStorage, not on the server — so they don’t follow you across browsers or devices.
| Field | Options |
|---|---|
| Theme | System · Light · Dark |
| Density | Comfortable · Compact |
| Timezone | Preset list of common IANA zones, plus a free-text input for any IANA zone. |
| Time format | 12h · 24h |
| Date format | Auto · ISO · Localised |
There is no display name, no avatar, and no profile picture. Your identity in the app is just your sign-in email.
Notifications
Account-wide defaults that new channels inherit, plus the global mute switch. Stored in mx_notification_preferences.
| Field | Notes |
|---|---|
| Default severity filter | info+ · warning+ · critical. Used as the starting value when you create a new channel. |
| Default event filters | sendOpen, sendResolved, sendEscalation toggles — used as the starting values for new channels. sendEscalation is stored for forward compatibility; no escalation dispatcher exists today (see Incidents → What’s not in the product). |
| Global mute | Preset chips: Not muted · 30m · 1h · 4h · 24h. |
When the global mute is set in the future, every notification dispatch is suppressed and a log row is written with suppressed_reason='muted'. See Notifications → Muting.
Check defaults and SLO
Two related blocks, both backed by mx_settings:
Check defaults
The values new endpoints start from. Override the product defaults (60s interval, 10s timeout, 5s latency, 14-day SSL warning, 3/2 thresholds) with whatever fits your team:
| Field | Notes |
|---|---|
| Check interval | ≥ 60s (DB-enforced). |
| Timeout | The HTTP / TCP probe timeout. |
| Latency threshold | Above this, a successful probe is degraded. |
| SSL warning days | Days-until-expiry before HTTPS endpoints flip to degraded. |
| Failure threshold | Consecutive down runs to open an incident. |
| Recovery threshold | Consecutive healthy runs to close one. |
| Alert cooldown | Stored, not yet enforced — see Notifications. |
| Escalation delay | Stored, not yet enforced. |
| Recovery alert | Whether new endpoints fire on resolve by default. |
expectedStatusCodes is not in the defaults panel today — set it per-endpoint when you add or edit one.
SLO
| Field | Notes |
|---|---|
| Target % | Your fleet uptime target. Drives the dashboard error-budget banner. |
| Window (days) | Rolling SLO window: 7 · 14 · 30 · 60 · 90. |
Retention
A read-only summary of how long each kind of data lives. Useful when you’re deciding how far back you can investigate something.
The Retention panel currently lists incidents and daily summaries as kept for 1 year. In practice the cleanup cron only prunes mx_checks (48h), mx_hourly_summaries (30d), and mx_notification_log (90d). Incidents and daily summaries are effectively kept indefinitely until that cron grows a sweep for them.
For the actual current retention, see Incidents → Retention.
Danger zone
Two destructive actions, both confirmed.
Sign out
A simple sign-out form. Single-session sign-out only — there’s no “sign out of all devices” today.
Delete account
Type DELETE MY ACCOUNT into the confirm input and tick the acknowledgement, then click delete.
What gets removed:
- Your
auth.usersrow (Supabase auth). - Cascade across every
mx_*table: endpoints, checks, incidents, channels, mutes, notification preferences, settings, log, summaries. - The notification log entries are cascaded too — there’s no audit trail left behind.
This is permanent — there’s no undo, no soft-delete recovery window. Export anything you want to keep first.
What’s not in Settings
A few common asks that aren’t here today:
- No profile / display name / avatar. Your account identity is your sign-in email.
- No in-app password change. Use the Forgot password flow on the sign-in page — it sends a recovery link to your email that lands you on a reset page. (Demo accounts can’t change passwords at all.)
- No sessions list / active devices view. Sign-out only signs out the current session.
- No 2FA / TOTP / passkey settings. Sign in with email + password, GitHub OAuth, or Google OAuth.
- No plan / usage panel. Tier shows up only as the small banner on the Endpoints and Notifications pages, plus a tier note on the Retention panel — neither is a billing surface. See Pricing for the canonical plan information.
Demo accounts
The public showcase account (demo@watchdeck.dev) lives at plan_tier='demo'. It’s:
- Read-only at the database layer — every write hits an RLS rule that blocks the insert/update/delete.
- Read-only in the UI — every action button is wrapped in a
DemoGatethat disables it with a tooltip. - Read-only at server actions —
assertNotReadonlyshort-circuits any privileged action.
Sign in to it from the auth page to explore the product without exposing your data. You won’t be able to add, edit, or delete anything; navigating and reading are unrestricted.