Appearance
OAuth Login
kendo supports signing in with Google or GitHub. You can use OAuth as your primary login method, link multiple providers for convenience, or combine OAuth with a traditional password.
1. Sign In with OAuth
On the login page, click Continue with Google or Continue with GitHub below the email/password form. You'll be redirected to the provider to authorize access, then returned to kendo and logged in automatically.
INFO
OAuth login requires a linked account. If you haven't linked a provider yet, you'll see an error asking you to link your account from profile settings first. To get started, sign in with your email and password, then link a provider from your profile.
2. Accept an Invite with OAuth
When you receive an invitation email, the invite page offers both options:
- Set a password — Traditional account setup
- Continue with Google/GitHub — Create your account using OAuth (no password needed)
If you choose OAuth, your account is activated and linked to the provider automatically. You can always set a password later from your profile settings.
3. Manage Connected Accounts
After logging in, go to your Profile page. The Connected Accounts section shows all available providers:
- Linked providers — Shows the connected email and an Unlink button
- Unlinked providers — Shows a Link button that opens a popup to authorize the provider
Linking a Provider
Click Link next to the provider. A popup opens for authorization. After approving, the popup closes and your profile updates automatically.
Unlinking a Provider
Click Unlink next to a connected provider, then confirm. The provider is removed from your account.
WARNING
You cannot unlink your last authentication method. If you signed up via OAuth and haven't set a password, the unlink button is disabled. Set a password first, then you can unlink the provider.
4. Set a Password (OAuth-Only Users)
If you created your account through OAuth, you won't have a password. Your profile shows Set Password instead of Change Password.
Setting a password gives you an additional login method and allows you to unlink OAuth providers if needed. Password requirements:
- Minimum 8 characters
- Must include letters, mixed case, numbers, and symbols
How It Works
kendo uses a redirect-based OAuth flow:
- Redirect — kendo redirects your browser to the OAuth provider
- Authorize — You approve access at the provider (Google, GitHub)
- Callback — The provider redirects back to kendo with an authorization code
- Session — kendo exchanges the code, verifies your identity, and logs you in
For account linking (from profile settings), the flow uses a popup window instead of a full-page redirect, so you stay on the profile page.
TIP
OAuth login is independent from the GitHub integration for repository linking. They use separate connections — linking GitHub for login does not grant kendo access to your repositories, and vice versa.
Central Admin: Two-Factor Authentication
Platform administrators who sign in to the central admin area (central.kendo.dev) can add a time-based one-time password (TOTP) second factor to their account. Two-factor authentication is opt-in — an administrator who hasn't enabled it signs in exactly as before.
Enable 2FA
From your central Profile page, under Security:
- Click Enable 2FA and confirm your password.
- Scan the QR code with an authenticator app (Google Authenticator, Authy, 1Password, etc.), or enter the shown key manually.
- Enter the 6-digit code from your app to confirm.
- Save the recovery codes that appear — each can be used once if you lose access to your authenticator. Click I've saved these codes to finish.
Sign in with 2FA
After 2FA is enabled, signing in becomes two steps: enter your email and password as usual, then, on the challenge screen, enter the current 6-digit code from your authenticator app. You can switch to Use a recovery code if your device is unavailable.
WARNING
Each recovery code works only once. After using one, generate a fresh set from your profile with Regenerate Recovery Codes (this invalidates the previous set).
Manage or disable 2FA
From the Security section of your profile you can Regenerate Recovery Codes or Disable 2FA — both require re-entering your password. Disabling 2FA removes the challenge from your next sign-in.
See Also
- Quick Start — Getting started with kendo
- GitHub Integration — Repository linking and webhooks