Skip to main content

Settings

Configure your organization's team members, API keys, and branding.

Overview

The Settings section (admin-only) allows you to:

  • Manage team members and invite users
  • Configure your Anthropic API key for Bring-Your-Own-Key (BYOK) usage
  • Upload a custom organization logo (plan-dependent)
warning

Settings are only accessible to admin users. If you don't have permission to access Settings, contact your organization administrator.

Accessing Settings

  1. Log in to your RepoRisk account at https://app.canirunthat.com
  2. Click Settings in the main navigation menu (admin users only)
  3. You'll see three main sections: Team Members, Anthropic API Key, and Branding

Logo Branding

Custom Logo Upload

The Branding card allows you to upload a custom logo for your organization:

  1. Logo Upload — Upload your company logo (PNG, JPG, or GIF format)
    • Maximum file size: 5 MB
    • Recommended: Square format for best appearance
  2. Logo Display — How your logo appears in the platform depends on your plan:
    • Tier 2 Plan: Logo displays alongside the application name
    • Tier 3+ Plan: Logo fully replaces the application branding
  1. Go to Settings > Branding card
  2. Click Upload Logo and select a PNG, JPG, or GIF file from your computer (max 5 MB)
  3. Click Upload Logo to confirm the upload
  4. Once uploaded, a preview of your logo will display in the card

To remove your custom logo:

  1. Go to Settings > Branding card
  2. If a logo is already uploaded, a Delete Logo button will appear
  3. Click Delete Logo to remove the custom branding
  4. Confirm the deletion when prompted

Plan Availability

Logo branding requires Tier 2 or higher plan tier. If branding is unavailable, you'll see a message like:

Logo branding is not available on your current plan.
Upgrade to Tier 2 or higher to customize your organization's logo.

Contact your administrator to upgrade your plan.

Anthropic API Key (BYOK)

Overview

The Anthropic API Key card allows you to configure your own Anthropic API key for Bring-Your-Own-Key (BYOK) usage. When configured, your key is used for all security analysis in your organization.

Saving Your API Key

  1. Go to Settings > Anthropic API Key card
  2. In the Anthropic API Key password input field, enter your API key
    • Key format must start with sk-ant-
  3. Click Save Key
  4. A success message shows "API key saved successfully"
  5. Your key status updates to show "Configured — sk-ant-***xxxx" (masked)

Key Management

The Current Status field shows:

  • Configured — Your key is saved and active. A masked preview is displayed (e.g., sk-ant-***xxxx)
  • Not configured — No key is currently set. Configure one to enable BYOK usage

Plan and Source Restrictions

  • BYOK not available: If you see "API key management is not available on your current plan," your organization doesn't support BYOK yet

For complete BYOK setup instructions and troubleshooting, see the BYOK Guide.

Vendor AI Instructions

The Vendor AI Instructions card (admin only) lets you provide organization-specific context that is injected into the AI system prompt during all vendor security analysis runs.

When to Use

Use this field to tailor vendor evaluations to your organization's policies and risk appetite:

  • State your compliance framework (e.g., "We follow SOC 2 Type II and HIPAA")
  • Call out vendor categories requiring stricter review
  • Specify certifications or contractual clauses your procurement policy mandates
  • Provide industry-specific context the AI should consider

Configuring Vendor AI Instructions

  1. Go to Settings > Vendor AI Instructions card
  2. Enter your context text in the textarea (up to 4,000 characters)
  3. Click Save Instructions
  4. A success message confirms the instructions are saved

All future vendor analysis runs will include this context in the AI evaluation prompt.

Clearing Instructions

To remove the instructions, clear the textarea and click Save Instructions.

Best Practices

Security Best Practices

  1. Upload Organization Logo — Add your company logo to personalize the platform (if your plan supports it)
  2. Manage Team Access Carefully — Grant admin role only to trusted team members who need Settings access
  3. Rotate API Keys — Regularly update your Anthropic API key for security
  4. Audit Team Membership — Periodically review team members and remove inactive or departed accounts

Operational Best Practices

  1. Keep Logo Current — Update your organization logo if you rebrand
  2. Review Team Members Regularly — Ensure team member roles still match their current responsibilities

Troubleshooting

Settings Changes Not Saved

If your changes don't save:

  1. Ensure all required fields are filled
  2. Click Save and wait for a confirmation message
  3. Refresh the page and verify the changes took effect
  4. Contact Support if the issue persists

API Key Validation Failed

See the BYOK Troubleshooting guide for help with API key issues.

Cannot Access Settings

If you see "You do not have permission to access Settings":

  1. You must be an admin user to access Settings
  2. Contact your organization administrator to request admin access
  3. Ask your administrator to upgrade your role from Member to Admin

Next Steps