Settings
The Settings page controls global gateway behavior. Only admins can edit these values; other users can view them in read-only mode.
Session Timeout
Section titled “Session Timeout”Configure the sliding inactivity timeout for browser sessions.
- Enter the timeout in minutes
- Click Save
- (Optional) Click Clear to revert to env/default
MFA Requirements
Section titled “MFA Requirements”Global MFA policy for all users:
- Require MFA for all users
- Trusted device TTL (days)
- Step-up window (minutes)
Changes apply immediately for new logins and step-up checks.
Destructive Actions
Section titled “Destructive Actions”Control whether destructive Convox operations (like deleting apps) are allowed at all. This is a global safety switch.
Deploy Approvals
Section titled “Deploy Approvals”Enable or disable deploy approvals and set the approval window (minutes) for admin approvals.
Default VCS & CI Providers
Section titled “Default VCS & CI Providers”Set the defaults for app-level deploy approvals:
- VCS provider (currently GitHub)
- CI provider (currently CircleCI)
These defaults are used when an app does not specify its own provider settings.
App Settings (Per-App)
Section titled “App Settings (Per-App)”App-specific settings are not on this page. Go to Apps → {app} → Settings to configure:
- VCS/CI deploy settings (repo, branch, approval job name)
- Protected and secret environment variables
- Approved deploy commands
- Service image patterns
Related
Section titled “Related”- Deploy Approvals - CI/CD approval workflow
- Account Security - MFA setup and trusted devices