Skip to main content
Every Vibely project has its own settings panel — distinct from workspace and account settings. Open it from any project: Project menu → Settings. This page is the full inventory of what’s there, grouped the way the panel groups it. Mode-specific sections (Mobile, Design) only appear when the project is of that type.

General & Identity

The basics that show up everywhere your project does.
  • Project name — display name in the dashboard, share links, and emails. Editable by Owner, Admin, and Editor.
  • Slug / subdomain (web) — drives the publish URL on *.vibelyagent.com. 3–63 characters, lowercase letters, digits, and hyphens. A short list of names is reserved — www, api, app, admin, auth, login, dashboard, docs, support, billing, cdn, static, assets, internal, and similar. Changing the slug breaks every existing share URL; Owner only.
  • Description — short summary shown on hover in the dashboard and on share previews.
  • Category — optional tag (e-commerce, SaaS, internal tool…) used by AI suggestions and the dashboard’s filters.
  • Project icon / thumbnail — auto-captured from your latest build and refreshed on every deploy. You can also trigger a manual recapture from the panel.
  • Star / pin — per-user favourite. Pinned projects float to the top of your dashboard.
Project type (Web App, Mobile App, or Vibely Design) is set at creation and decides which mode-specific sections below appear.

Access & Sharing

Who can open, edit, and view the project — independent of workspace membership.

Visibility (editor & preview access)

  • Restricted — Owner only. (Business)
  • Workspace — every member of the workspace.
A previous “Public” mode has been replaced by the Public remixing toggle (below). For unauthenticated viewer access to the live site, use Website access under Deploy & publish.

Collaborators

Invite individuals by email with a role of Admin / Editor / Viewer, scoped to this project only. Invite volume is rate-limited per user to keep accidental loops from spamming people. Effective permission = max(workspace role, project collaborator role, group access). The more-permissive grant wins. Generate a single shareable link with a fixed role (Editor / Viewer / disabled). Viewer role on a Shared link is Pro+. Regenerating the link invalidates the old token; people who already accepted stay in.

Access requests

When a project is Restricted, others in the workspace can request access at a specific role. The owner approves or denies in the panel, and the requester is emailed when a result is recorded (provided email is configured for the workspace).

Team access (Business)

Grant a whole member group Editor, Viewer, or read-only Viewer access in one move. Removing a group grant doesn’t touch individual collaborator grants.

Public remixing

Toggle to let anyone with the preview link open the project without signing in. Useful for prototypes, hackathon submissions, and “click to remix” templates. Turning it off purges the edge cache within about a minute.

Environment variables & secrets

Per-project key / value store for runtime configuration — API keys, feature flags, third-party tokens that aren’t covered by a workspace connector.
  • Add / edit / delete keys from Settings → Environment. Editable by Owner, Admin, and Editor.
  • Secret masking — mark a value as secret to encrypt it at rest and mask it in the UI. Secret values never round-trip to the browser and are not logged.
  • Scope — values are injected at sandbox boot. There’s no separate preview / prod split yet; one value applies everywhere this project runs.
  • Reserved keys — Vibely injects a handful of system variables for the gateway, AI access, and the linked Supabase project (URL, anon key, service-role key). These appear in the panel as read-only and can’t be deleted.
  • Override rule — when a key exists at both workspace and project level, the project-level value wins.
For credentials shared across every project in the workspace, prefer a workspace connector over per-project env vars.

Connectors

OAuth and API-key connections to external services (Slack, HubSpot, GitHub, Stripe, Supabase, Notion…). Connectors are established at the workspace level and can optionally be pinned to a single project.
  • Begin OAuth, list connections, disconnect — all from the connector’s row in the panel.
  • Bring your own OAuth app — workspace Owner / Admin can register a custom client ID and secret per provider. Changing the credentials forces re-auth for everyone using that connector.
  • Per-project scoping — a project-bound connection isn’t visible to other projects in the workspace, even if the same connector is set up workspace-wide.

Domains (web only)

How the live site is reached on the public internet.
  • Auto subdomain — every project gets a free *.vibelyagent.com URL on creation.
  • Custom domain — add a subdomain (CNAME to the Vibely apex) or an apex domain (anycast A record, or CNAME flattening if your DNS host supports it — Cloudflare DNS, Namecheap, DNSimple, and ClouDNS all do).
  • Verification flow — status progresses pending → cert pending → active, or failed with the underlying error. Vibely re-checks DNS automatically every few seconds; you can force a recheck from the panel.
  • Primary domain — pick one. Non-primary hostnames serve a permanent redirect to the primary. DNS TTL changes can take up to an hour to propagate.
  • www auto-pair — adding an apex domain automatically registers www.<apex> as a hidden redirect to the primary, so both versions resolve correctly.
  • Remove a domain — Owner only. The TLS certificate is destroyed and the site becomes unreachable on that hostname immediately; the auto vibelyagent.com URL keeps working.
See Web App → Publish for the end-to-end DNS / TLS walkthrough.

Deploy & publish (web)

  • Publish — kick off a build and deploy from the project header. Web projects can target Vibely’s default hosting or, when configured, an external host. Mobile projects publish through Mobile settings instead.
  • Website access — controls who can visit the published site (separate from editor visibility):
    • Public — anyone with the URL (Free and up).
    • Restricted / Workspace / Group-only — Business.
  • Title & description — Open Graph metadata that appears on the published site and in social previews. Social caches can lag a few minutes after a change.
  • Deployment history — every build with its status (queued / building / ready / failed), trigger, and live URL.
  • Rollback — activate any prior ready deployment instantly — no rebuild required.

GitHub & source control

Connect a GitHub repo and Vibely keeps it in sync with your project.
  • Connect / disconnect repo — pick or create a repo. Disconnecting doesn’t delete the repo or the project; they just stop talking.
  • Branch selection — choose which branch is live. Defaults to main.
  • Push / pull — push commits with a message, or pull edits made directly in the repo. Pulls let you choose ours or theirs when there’s a conflict.
  • Auto-deploy on push — a webhook triggers a deploy when commits land on the live branch. These deploys count toward credit usage, same as in-app builds.
Workspace-level Git defaults (default branch, default sync mode for new projects) live under workspace settings.

Database & backend (Supabase)

Link the Supabase project this Vibely project uses for auth, database, storage, and Edge Functions.
  • Link Supabase project — provide the project URL, the anon key, and the service-role key. The service-role key is treated as a secret and is server-only.
  • Schema browser — read-only view of tables, columns, and row-level security policies, surfaced from the Supabase Management API.
  • Auth integration toggle — turn auth on or off. Disabling removes the auth middleware on the next build.
The agent’s supabase_setup tool reads whatever is configured here.

Mobile settings (mobile only)

Visible when the project is a Mobile App build (Expo / React Native).
  • Bundle ID / package name — e.g. com.company.app. Changing this after a store release breaks OTA updates and forces a new listing.
  • App version (semver) and build number — build number must strictly increase per version.
  • Deep-link scheme — your app’s custom URL scheme. Pick something unique to avoid colliding with other installed apps.
  • Build target channel:
    • Expo Go — dev preview, no native build.
    • EAS Internal — ad-hoc QA builds for distribution to a small list of testers.
    • EAS Store — production builds for TestFlight and Play Console.
  • Code signing — auto (Vibely-managed certificates) or manual (upload your own .p12 or keystore).
  • Push notifications — toggle on; requires FCM / APNs setup separately.
  • Store links — App Store and Play Store URLs, displayed in the dashboard.
  • Credentials upload — encrypted iOS .p12 and Android keystore storage; only the Owner can revoke uploaded credentials.
  • Release notes — per-version text shown in update prompts.
See Mobile App Mode for the full ship flow.

Design settings (design only)

Visible when the project is a Vibely Design build.
  • Design template — base framework selected at creation.
  • Top niche / category — drives the design agent’s suggestions and example library.
  • Design system reference — link to or pasted text describing the system you’re matching.
  • Typography preference — default font stack used by the agent.
  • Color branding — primary brand HEX values; surfaces in tokens, components, and previews.
  • Design files / artboards — versioned files for the design canvas; deletes leave a recoverable history.
See Design Mode for canvas, skills, and React export.

Security

Project-level security scanning, with results that also feed the workspace-wide Security Center.
  • Run scan — async; covers four scanners: RLS, DB, Code, Dependencies.
  • Findings list — filter by severity (error / warning / info) and by scanner.
  • State management — each finding moves through open → ignored / fixed → stale (auto-marked when a fresh scan no longer reports it). Marking a finding as ignored requires a reason and is recorded in the audit log.
  • Dependencies view — every dependency with its current version and any matched CVEs.
  • Export findings — JSON download for offline review or ticket import.
  • Auto-verify on build — security scan + typecheck run after every build, sharing a small self-heal attempt budget.

Analytics

  • Visit analytics — page views, unique visitors, geography, top referrers. Aggregated hourly, not real-time.
  • Build & deploy metrics — counts, frequency, last deployment time and status.
  • Credit usage per project — visible on Pro and Business. Free shows an “Unlimited” placeholder since the meter isn’t surfaced per project at that tier.
  • Disable analytics — opt out of visit-tracking entirely from the panel.

Templates & Marketplace

Two distinct “share this as a starting point” surfaces.

Workspace template (Business)

Mark the project as a template so members can spin up new projects from it. Captures the current files, design tokens, and project type. Owner / Admin can mark, set a default template that’s pre-selected on the New project screen, or unmark — unmarking automatically clears the default. Creating new projects from a template is rate-limited per user.

Marketplace listing

Publish the project as a public template anyone on Vibely can install.
  • Publish — Vibely strips sensitive files automatically: *.env, common credential files (credentials.json, serviceAccountKey.json, *.pem), and anything whose path contains secret.
  • Edit listing — name, description, category, tags, thumbnail.
  • Unpublish — sets the listing to draft. Existing download and fork counts persist so you can republish later without resetting metrics.
See the workspace Marketplace section for admin-level controls.

Public messaging flag

Toggles whether the project’s in-app chat / messaging surface is exposed publicly. Off by default — turn on only for projects that intentionally need an anonymous-visitor chat path.

Danger zone

Owner-only operations grouped together so you don’t trigger them by accident.
  • Transfer project to another workspace — moves the project, secrets, deployments, and connectors with it. Workspace-scoped integrations (e.g. Slack) need to be re-bound in the destination workspace. Collaborators who aren’t members of the destination workspace lose access.
  • Archive — soft delete. Builds are disabled, but the live site stays up. Unarchive in one click.
  • Delete (permanent) — kills the sandbox session, invalidates the preview, deletes screenshots, clears AI memory, removes stored files, and drops the project record. The live site goes offline immediately. No recovery.
  • Leave — collaborators can self-remove. Owners must transfer ownership or delete the project instead.

Read-only / system fields

The panel surfaces a few fields that you can’t change directly: project ID, created and updated timestamps, status (active / archived), and an internal link to the chat history.

Plan gates at a glance

SettingFreeProBusiness
Auto subdomain on vibelyagent.com
Custom domain
Public remixing
Shared link — Viewer role
Restricted visibility
Restricted website access (private / workspace / groups)
Team access (group grants)
Workspace templates

Workspace and Account sections

Below the project group, the same sidebar carries workspace-level panels (members, billing, SSO, audit, connected accounts) and your personal account. See Workspace overview for those.

Settings vs. customisation

This page is about settings for one specific project. For settings that follow you across every project (theme, default model, custom instructions, notifications), see Customize Vibely. For settings that affect everyone in your workspace (workspace name, members, billing, SSO), see Workspace overview.