Account, tenant, and roles
ActivityLog has four nested concepts. Get these straight on day one and the rest of the product makes sense.
Account (your sign-up identity)
└── Tenant (your billing + isolation boundary)
└── System (one source of activity)
└── Token (the credential that source uses)
A single account belongs to one or more tenants. A tenant owns systems, users, and tokens. Tenant isolation is hard — cross-tenant queries are impossible from a user JWT; the API will return 404 even if you happen to know an ID from another tenant.
Sign up
Visit https://activitylog.com/portal/ and click Sign up. After verifying your email you land on the Dashboard with a brand-new tenant.
You don't pick a tier at sign-up — every new tenant starts on Free. Upgrade later from Settings → Billing (Pro/Enterprise contact pricing — see ../Pricing.md).

The tenant model
A tenant is the unit of:
- Isolation — no user in tenant A can query, see, or otherwise touch data in tenant B.
- Billing — usage and tier limits are per-tenant.
- Quota — system count, user count, retention, throughput all apply per-tenant.
| Capability | Free | Pro | Enterprise |
|---|---|---|---|
| Tenants per account | 1 | 1 | unlimited |
| Users per tenant | 3 | 25 | unlimited |
| Systems per tenant | 3 | 100 | unlimited |
| Tokens per system | 2 | 50 | unlimited |
| Retention default | 7 days | 90 days | configurable |
| Body size cap (inline) | 16 KB | 256 KB | per contract |
Source: ../Pricing.md. The numbers there are the source of truth — this table is a snapshot.
Multiple tenants (Enterprise only)
If your account is on the Enterprise tier you can hold multiple tenants under one login (think MSP or agency model). Switch between them from the top-right tenant picker.

Free and Pro accounts have exactly one tenant. Adding a second requires an Enterprise contract.
Roles inside a tenant
There are three role bits on each user inside a tenant:
| Role | Can | Typical assignment |
|---|---|---|
| owner | Everything below + invite/remove owners, change billing tier, delete tenant | Founder / primary operator |
| admin | Manage systems, tokens, members; mint/revoke; change retention; invite users | Engineering lead, ops |
| member | Read messages, view dashboards, run queries | Developers, support staff |
A user can hold multiple roles. The sign-up creator is auto-assigned owner.
"admin" here is the tenant admin role. There's a separate Fyin-staff "platform admin" role used only by the operator portal — out of scope for this guide. See
80-admin-portal.md.
Changing a user's role
Team → click the user → Edit role. The change takes effect on their next login (or token refresh, within an hour).

Removing the last owner is blocked — you must promote another member first.
Systems vs streams
A system is your source of activity. Examples:
my-backend— your ASP.NET appiphone-app— your customer-facing iOS appnightly-jobs— your scheduled tasks runner
A stream is a logical channel inside a single system, set per-message via the stream field on POST. Examples within one system:
stream: "events"— business eventsstream: "audit"— security/audit eventsstream: "errors"— exceptions
You don't pre-create streams; they're free-form per message. New streams just appear when their first message lands.
Convention tip: many users encode an entity hierarchy in
streamusingstream={entityType}:{entityId}. For examplestream: "ticket:ACLOG-140906"makes every ticket's activity individually filterable. See../Architecture.md§ 11 for the full pattern.
Account password and email
Profile → Password to change. We use Argon2id; minimum 12 characters.
Profile → Email to change. You'll re-verify the new address before the change takes effect; if you lose access to the old inbox use the password-reset flow on the sign-in page.

What's next
| Goal | Doc |
|---|---|
| Mint your first system token | 20-setup-system-tokens.md |
| Bring in a teammate | 30-invites-and-team.md |
| Set up two-factor auth | 40-totp-setup.md |
| Wire your app | 50-ingest-native.md |
Troubleshooting
I see "Tenant not found" or 404 on every page. Your portal session is bound to a tenant that no longer exists (it was deleted, or you were removed). Sign out and back in to pick a tenant you have access to.
The Invite button is greyed out.
You're a member — only admin and owner can invite. Ask your tenant owner to promote you.
"You have hit the user limit on the Free tier." Free is capped at 3 users per tenant. Either remove a user, or upgrade to Pro at Settings → Billing.