Sign in
Sign in with Google or email/password, and understand how Pegasus sessions stay secure.
Sign in with Google, or use the email and password you created at sign-up.
Open the login page
Click Log In on the landing page, or go directly to/login.Choose a sign-in method
Click Continue with Google to use your Google account. Or type your email and password, then click Sign In.
Finish Google sign-in if prompted
Google may ask you to choose an account or approve the sign-in. After Google returns you to Pegasus, the same secure web session is created automatically.
You're redirected to the Dashboard
Pegasus shows you the workspace you used last (Personal if it's your first time).
If your Google account uses the same verified email as an existing Pegasus password account, Pegasus signs you into that existing account instead of creating a duplicate.
How session security works
Pegasus uses two cookies, both httpOnly (JavaScript on your page cannot read them):
- Access token — valid for 15 minutes. Sent with every API call.
- Refresh token — valid for 7 days. Automatically used to mint a new access token when the first one expires.
You won't see this happen — Pegasus refreshes silently in the background as long as the refresh token is still valid. After 7 days of inactivity, you're sent back to /login.
Logging out
The Log out button is at the bottom of the left sidebar. Clicking it clears both cookies and redirects to /login.
Common issues
- "Failed to log in" — wrong email or password. Use Forgot password if you don't remember the password.
- "Google sign-in failed" — the Google flow did not complete, or Pegasus could not safely match the Google account. Try again from the login page.
- "Email not verified" — finish the email verification flow before signing in.
- Redirected to login mid-session — both your access and refresh tokens expired. Sign in again to continue.