ForjioHuudisIdentityPlugipayPaymentsStorlaunchE-commerceFulkrumaFulfilmentRiplloMarketingLinkSnapShort URLsPawpadoGPU streaming
Pawpado Docs
⌘K

Sign in

This page walks through what happens when you sign in to Pawpado, what each screen does, and how to recover from the common things that go wrong.

If you don't have a Pawpado account yet, the same flow handles sign-up — click Get started on pawpado.com and Huudis will offer to create one for you.

The flow

Sign-in has up to four screens, depending on your account state:

  1. Pawpado landing page — you click Sign in.
  2. Huudis email/password screen — you enter your credentials (or click Google/Apple).
  3. MFA prompt (if enabled) — you enter a TOTP code or biometric.
  4. Pawpado dashboard — you're in.

Steps 1 and 4 are on pawpado.com. Steps 2 and 3 are on huudis.com — you'll see the domain change in your address bar. That's intentional: Huudis owns identity, Pawpado owns sessions, credits, and storage.

Step-by-step

1. Click Sign in

The Sign in button is in the top-right of every pawpado.com page. Clicking it sends you to pawpado.com/login. From there you can choose:

  • Continue with email — the standard flow.
  • Continue with Google — available if your Huudis instance has Google OAuth configured.
  • Continue with Apple — same condition as Google.

If you've signed in to pawpado.com before in this browser, you'll skip the chooser and go straight to Huudis.

2. Enter credentials

On huudis.com, you'll see a form for Email and Password.

  • Email is case-insensitive.
  • Password is case-sensitive. Spaces matter.
  • Huudis enforces a minimum password length of 10 characters.

After you submit, Huudis validates the credentials. Three possible outcomes:

  • Success, no MFA — you skip to step 4.
  • Success, MFA enrolled — you go to step 3.
  • Failure — you see "Invalid email or password" with no information about which one is wrong (this is intentional, to prevent account enumeration).

3. MFA challenge (if enabled)

If you've enrolled in multi-factor authentication, Huudis prompts you for a code. Supported factors:

  • TOTP — from Google Authenticator, Authy, 1Password, etc. Six-digit codes.
  • WebAuthn — hardware security keys (YubiKey) or platform authenticators (Touch ID, Windows Hello).
  • Backup code — one of the codes you saved when you enrolled. Each code works once.

Enter the code. Huudis verifies it and proceeds.

Lost your second factor? Use a backup code. If you've used them all, email support@forjio.com from a recognized email address — we can verify you out-of-band and disable MFA. Pawpado is single-user, so there's no workspace admin to fall back to.

4. Back to Pawpado

Huudis redirects your browser to pawpado.com/callback?code=…. The callback page POSTs that code to Pawpado's backend, which:

  1. Exchanges the code for tokens at Huudis.
  2. Validates the PKCE challenge it stored before redirecting you out.
  3. Signs a session cookie and sets it on your browser.
  4. Redirects you to /dashboard.

You're in. The whole thing usually takes under a second.

"Remember me"

We don't have a "remember me" checkbox because we do it by default. Session cookies last 30 days of inactivity — you don't need to re-sign-in unless you've been away.

The cookie is httpOnly, Secure, SameSite=Lax, and HMAC-signed. It's safe to leave the browser open.

Common errors

"Invalid email or password"

The email or password you entered didn't match. We don't tell you which one for security reasons. Things to check:

  • Caps Lock is off.
  • The email is the one you used at sign-up.
  • You haven't recently changed your password (then logged in with the old one).

If you genuinely don't remember, use Forgot password.

"Email not verified"

You signed up but never clicked the verification link in the welcome email. Pawpado won't let you sign in until you've verified.

Click Resend verification on the sign-in error page. The email comes from no-reply@huudis.com — check spam if you don't see it within a minute.

"Account locked"

After too many failed attempts (we cap at 10 per 15 minutes), Huudis temporarily locks your account. Wait 15 minutes and try again. If you've genuinely forgotten your password, request a reset — that bypasses the lock.

"Too many requests"

The Huudis IdP rate-limits sign-in attempts per IP. If you're behind a NAT with many users (corporate network, shared dev machine), you may share a quota. Wait a minute and retry; the limit resets quickly.

"Apple/Google sign-in failed"

The most common cause is that the social provider isn't actually configured on this Huudis instance — the buttons should be hidden in that case but a stale browser tab can show them. Refresh the page; if the button disappears, fall back to email/password.

If the button persists but the flow errors, the provider on Huudis's side may have rotated credentials. Email support@forjio.com so we can re-link.

Behind the scenes

If you want to understand the protocol-level details — PKCE, state, nonce, refresh token rotation — the Authentication overview has the longer version.

Signing in from the CLI

The CLI uses Huudis's OIDC device flow, not the browser cookie. Run:

pawpado auth login

A browser opens to huudis.com/device with a pre-filled user code. You confirm. The CLI polls for the resulting tokens and stores them at ~/.pawpado/credentials.

pawpado auth whoami

confirms you're signed in. The stored token refreshes automatically as long as you run a CLI command at least every 90 days.

Next