ForjioHuudisIdentityPlugipayPaymentsStorlaunchE-commerceFulkrumaFulfilmentRiplloMarketingLinkSnapShort URLsPawpadoGPU streaming
Ripllo Docs
⌘K

Sign in

This page walks through what happens when you sign in to Ripllo, what each screen does, and how to recover from the common things that go wrong.

If you're new to Ripllo and don't have an account yet, you can sign up from the same screen — the "Create account" link sits below the password field.

The flow

Sign-in has up to four screens, depending on your account state:

  1. Ripllo landing page — you click Sign in.
  2. Huudis email/password screen — you enter your credentials (or click Google/Apple).
  3. MFA prompt (if enabled) — you enter a TOTP code or biometric.
  4. Ripllo dashboard — you're in.

Steps 1 and 4 are on ripllo.com. Steps 2 and 3 are on huudis.com — you'll see the domain change in your address bar. That's intentional: Huudis owns identity, Ripllo owns marketing data.

Step-by-step

1. Click Sign in

The Sign in button is in the top-right of every ripllo.com page. Clicking it sends you to ripllo.com/login. From there you can choose:

  • Continue with email — the standard flow.
  • Continue with Google — available if your Huudis instance has Google OAuth configured.
  • Continue with Apple — same condition as Google.

If you've signed in to ripllo.com before in this browser, you'll skip the chooser and go straight to Huudis.

2. Enter credentials

On huudis.com, you'll see a form for Email and Password.

  • Email is case-insensitive.
  • Password is case-sensitive. Spaces matter.
  • Ripllo doesn't impose a length limit on passwords beyond what Huudis enforces (minimum 10 characters).

After you submit, Huudis validates the credentials. Three possible outcomes:

  • Success, no MFA — you skip to step 4.
  • Success, MFA enrolled — you go to step 3.
  • Failure — you see "Invalid email or password" with no information about which one is wrong (this is intentional, to prevent account enumeration).

3. MFA challenge (if enabled)

If you've enrolled in multi-factor authentication, Huudis prompts you for a code. Supported factors:

  • TOTP — from Google Authenticator, Authy, 1Password, etc. Six-digit codes.
  • WebAuthn — hardware security keys (YubiKey) or platform authenticators (Touch ID, Windows Hello).
  • Backup code — one of the codes you saved when you enrolled. Each code works once.

Enter the code. Huudis verifies it and proceeds.

Lost your second factor? Use a backup code. If you've used them all, contact your workspace admin — they can disable MFA on your account from the dashboard. If you're the only admin and you've locked yourself out, email support@forjio.com from a recognized email address.

4. Back to Ripllo

Huudis redirects your browser to ripllo.com/callback?code=…. The callback page POSTs that code to Ripllo's backend, which:

  1. Exchanges the code for tokens at Huudis.
  2. Validates the PKCE challenge it stored before redirecting you out.
  3. Signs a session cookie and sets it on your browser.
  4. Redirects you to /dashboard.

You're in. The whole thing usually takes under a second.

Workspace selection

If your Huudis identity belongs to multiple Ripllo workspaces, the first sign-in to a new browser lands you in the workspace you used last. If we can't determine that — e.g., it's a new browser and you're a member of several — we land you in your default and show a brief banner that you can switch.

The workspace switcher lives in the top-left of the dashboard.

"Remember me"

We don't have a "remember me" checkbox because we do it by default. Session cookies last 30 days of inactivity — you don't need to re-sign-in unless you've been away.

The cookie is httpOnly, Secure, SameSite=Lax, and HMAC-signed. It's safe to leave the browser open.

Signing in through Storlaunch

If you got your Ripllo workspace via the Storlaunch marketing module, you don't usually need to sign in to ripllo.com directly — you stay inside Storlaunch's portal, and Storlaunch's backend proxies your actions to Ripllo on your behalf.

You can sign in to ripllo.com directly with the same Huudis account if you want to see the raw Ripllo dashboard. Both surfaces hit the same data — there's no separate ledger.

Common errors

"Invalid email or password"

The email or password you entered didn't match. We don't tell you which one for security reasons. Things to check:

  • Caps Lock is off.
  • The email is the one you used at sign-up.
  • You haven't recently changed your password (then logged in with the old one).

If you genuinely don't remember, use Forgot password.

"Email not verified"

You signed up but never clicked the verification link in the welcome email. Ripllo won't let you sign in until you've verified.

Click Resend verification on the sign-in error page. The email comes from no-reply@huudis.com — check spam if you don't see it within a minute.

"Account locked"

After too many failed attempts (we cap at 10 per 15 minutes), Huudis temporarily locks your account. Wait 15 minutes and try again. If you've genuinely forgotten your password, request a reset — that bypasses the lock.

"Too many requests"

The Huudis IdP rate-limits sign-in attempts per IP. If you're behind a NAT with many users (corporate network, shared dev machine), you may share a quota. Wait a minute and retry; the limit resets quickly.

Behind the scenes

If you want to understand the protocol-level details — PKCE, state, nonce, refresh token rotation — the Authentication overview has the longer version.

Next