Manage workspace settings

Workspace settings are only accessible to administrators with staff or superuser privileges.

Settings menustaffsuperuser
General settingsOO
Usage managementOO
ApprovalsO
Authentication policyO
Access controlO
User provisioningOO
ExtensionsOO
NotificationsO
Monitoring rulesO
Webhook configurationOO

Access settings

Click Workspace settings in the left sidebar. This menu is only visible to users with admin privileges.

General settings

Basic configuration

  • Workspace display name: Set the workspace name
  • Timezone: Select default timezone
  • Language: Set default display language
  • Billing email: Email for billing notifications

Advanced settings

Invitation TTL:

  • Validity period for invitation links
  • Default: 48 hours, Maximum: 30 days

Websh session timeout:

  • Auto-terminate inactive sessions
  • Longer timeout may increase costs
  • Range: 10 minutes ~ 24 hours

Allowed domains:

  • Users with specific email domains can join without invitation
  • Available on Essential plan or higher

Usage management

Plan information

View your current plan and allowed resources (members, servers).

Change plan:

  1. Click Change plan
  2. Select desired plan and complete payment
  3. For Enterprise plan, contact support@alpacax.com

Active resources

Visual display of resource usage:

  • Number of users
  • Number of servers
  • Websh session time
  • FTP transfer volume

Estimated costs

View estimated monthly costs based on service usage.

Approvals

Review and approve or reject member requests.

TypeDescription
UsernameUsername request from new members joining workspace

Authentication policy

Configure workspace security policies. MFA authentication required to change these settings.

MFA enforcement:

  • When enabled, all workspace members must complete MFA during login
  • Members without any MFA method configured will be prompted to set one up on their next login

Allowed MFA methods:

  • Select which MFA methods members can use (multiple selection)
  • Available methods: TOTP authenticator app, email, phone, and WebAuthn (hardware keys)

MFA timeout:

  • Maximum duration that MFA authentication remains valid after completion
  • This sets the workspace-wide range. Individual members can configure their own timeout within this range from Settings > Security settings—see Security settings
  • Shorter timeouts provide stronger security but require more frequent re-authentication

MFA required actions:

  • When enabled, system account access with sudo privilege in Websh, WebFTP, and Deploy Shell requires additional MFA verification
  • This applies when a user connects as a system account (e.g., root) rather than their personal Alpacon account
  • Users are prompted to complete MFA before the privileged session starts

Access control

Configure server access control settings for the workspace.

Allow direct root access:

  • Whether to allow direct connection as the root user via system account selection
  • Default: disabled
  • When disabled, the root account is excluded from the system accounts list in Websh, WebFTP, and code editor connections

Use sudo with MFA:

  • Enable sudo with MFA to allow staff and superuser members to run sudo commands in Websh with MFA verification
  • When enabled, the required PAM module is automatically installed on servers running Alpamon 1.3.2+
  • Works independently from Allow direct root access—users can use sudo commands even when direct root access is disabled

User provisioning

Set home directory access permissions when provisioning IAM user accounts to Linux systems.

  • Private: Owner only
  • Group shared: Group members
  • Public: All users

Extensions

Enterprise plan users can selectively enable Alpacon extensions.

Notifications

Manage notification types and configure your preferred notification channels while using Alpacon.

Notification types

Select which events should trigger notifications. Available types include:

  • Server disconnection: Receive warning/error notifications when a server loses connection with Alpacon for 1 minute or 5 minutes.

Notification channels

Choose how you want to receive notifications. Available methods include:

  • Email
  • Webhook: Send notifications to external webhook endpoints. Configure in Webhook configuration.
  • Push notifications: Receive browser push notifications.

Monitoring rules

Sends dashboard and email alerts based on defined monitoring rules during real-time server metrics monitoring.

Add rule

  1. Click New rule button
  2. Select target
  3. Set threshold
  4. Set whether it’s a default rule
  5. Save

Note: Only one default rule can be created per target

What are default rules? Rules automatically applied when new servers are registered.

Edit rule

  • Modify/delete from Actions menu
  • Cannot delete the only default rule for a target

Webhook configuration

Register Slack webhook URLs to send notification events to external systems.

Create webhook

  1. Click New webhook
  2. Enter information:
    • Name: Webhook name
    • URL: Slack or external server URL
    • Verify SSL: SSL certificate validation
    • Enabled: Activation status
  3. Save

Manage webhooks

  • Click webhook card for detailed management
  • Modify settings or delete