Your Account

In order to access settings for your account, billing information, etc. click on the circular profile photo or image towards the top right of the screen. A drop-down menu will appear with a number of menu items including Profile, Billing, etc. Click on one of those menu items in order to access your account.

Profile

The first menu item you will see is Profile. From this tab you can edit your name, username and email. You will also see your profile photo which can be set using Gravatar (opens new window).

In this tab you will also find that you have the ability to change your password. You can also delete your account here. If you delete your account all of your networks and surveys and all associated data will be immediately removed. Billing will also stop immediately.

Advanced Functionality

Within the Profile tab you can access Advanced Functionality settings by clicking the "Advanced Functionality" button. This opens a panel with toggles for enabling optional features that are hidden by default:

  1. Ego Network Collection: When enabled, this shows additional options in the survey builder for matrix relationship questions. Specifically, it displays the "Matrix Relationship Type" radio group which allows you to configure ego network collection in surveys. The available options are:

    • Regular: The default matrix selection behavior
    • Directed Ego Network: Allows you to map ego networks where relationships between A and B are distinct from relationships between B and A
    • Undirected Ego Network: Allows you to map ego networks where relationships are symmetric (if A is related to B, then B is related to A)

    Note: If a survey question already has ego network mapping configured, the Matrix Relationship Type options will be visible regardless of this setting.

  2. Add Layouts as Layers: When enabled, this shows the "Add as Layer" button in the Layout panel when exploring networks. This allows you to save a layout configuration as a layer on your view, which can be useful for creating complex visualizations with multiple layout states.

These settings are saved immediately when you click Save and apply to your account across all networks and surveys.

Billing

The third menu item is Billing. Here you can find a dashboard summarizing the number of public and private networks that you currently have compared to the maximum number of public and private networks that you can have under your current plan. You will also see a summary of the total number of respondent credits that you have available to use.

To purchase respondent credits click the Buy Credits, Add Credits or Request Credits link at the bottom of the Respondent Credits box. If you have an individual account you will be able to buy credits immediately on your credit card. If you have an organizational account with admin privileges you will be able to Add respondent credits immediately and we will follow-up with an invoice via email. If you an an organizational account without admin permissions you will be able to request the number of credits you need and we will reply to your request via email and follow-up with an invoice (if you need the credits urgently you can ask an admin user in your organization to add them to the organization for you).

Data Credits

If the Social Data or Research Data module is enabled for your organization, you will also see a Data Credits box on the Billing page. These modules are available to organizations only, not to individual accounts. Data Credits are a prepaid balance used to collect third-party data through these modules — the two modules share the same balance. They are purchased in lots of 1,000 and never expire.

Organization admin users can have Data Credits added immediately with an invoice to follow, and other organization members can send a request that goes to your Polinode account team. You can add credits from the Billing page or directly from the Social Data and Research Data screens, and the balance also appears on the organization Usage dashboard.

What your Data Credits get you

Data Credits are priced at $0.01 each, so a lot of 1,000 credits costs $10. Different operations use different numbers of credits, because the underlying data costs Polinode different amounts to collect. The lists below give the rough guide; the exact amount used by a run is always shown against the credits reserved in your run history.

Research Data. You are charged 0.01 credits for each unique node (a paper or an author) added to your network. Edges are free. In practice:

| 1 credit | 100 nodes | | $1 (100 credits) | 10,000 nodes | | $10 (a full lot) | 100,000 nodes |

So a typical citation or co-authorship network of a few thousand nodes costs well under a dollar to build.

Social Data. Costs vary by platform and by the type of interaction collected. The main rates are:

Operation Credits What $1 (100 credits) buys
X / Twitter followers 0.006 per follower about 16,000 followers
X / Twitter tweets, mentions, replies, retweets, quotes 0.03 per record about 3,300 records
X / Twitter profile lookup 0.04 per profile about 2,500 profiles
Instagram followers 0.25 per follower 400 followers
Instagram posts 0.5 per post 200 posts
Instagram post comments and likes 0.6 per record about 165 records
Instagram profile lookup 0.6 per profile about 165 profiles
LinkedIn profile (enrichment, post comments, post reactions) 1 per record 100 records
LinkedIn posts 1 per post 100 posts

LinkedIn Shared Employer and Shared Educational Institution edges are inferred from data already collected and cost nothing extra. Data served from Polinode's cache is charged at half these rates. Because a run reserves credits up front and refunds whatever it does not spend, the reservation you see when you start a run is an upper bound, not the expected cost.

When a data collection run starts it reserves credits up front as its spending limit and refunds whatever it doesn't spend when it finishes, so part of your balance may show as "in use by runs in progress" while runs are active. A failed run is not charged at all.

Individual accounts will also see a sub-heading called Plan. It's here that you can upgrade or downgrade your plan. Organizational users will just see a single box indicating that they have an Enterprise account.

The final heading in this section is Credit Card. It's here that you are able to enter your credit card details if you are using an individual account. Organizatinal users will not see this credit card input as as billing for enterprises is managed by the Owner of the organization and a summary for the whole organization is provided to admin users under the Organization menu.

You will also see an AI Chat Usage card on this page. This shows your current usage of AI Networks Chat as a percentage of your monthly quota. Usage resets at the beginning of each billing period.

AI Support Chat

AI Support Chat provides a convenient way to get help with Polinode directly from within the application. You can access it by clicking the chat bubble icon in the main navigation bar.

When you open AI Support Chat, you can ask questions about how to use Polinode features, get help with common tasks, or troubleshoot issues. The AI will search our documentation and provide relevant answers to help you. If you have previous support chats, the widget will open to your chat history list so you can continue a previous conversation or start a new one. If you have no previous chats, the widget will open directly to a new chat with example questions.

If the AI determines that you need additional assistance or if you have a complex issue that requires human support, it will automatically offer to create a support ticket for you. You can also create a support ticket directly by clicking the "Create Ticket" button in the chat window without needing to have a conversation first.

API Access

In order to use the Polinode API you will need to generate an API credential. Click on the New API Key button to generate a credential and then enter your password. A dialogue will then display a Bearer token. Copy and store this token somewhere secure - you should treat it like your password and not disclose it to anyone else. Polinode does not store your token so you will want to make sure to record it yourself before closing the dialogue.

Once you have generated a credential you will see it in a table that includes the date and time it was created. You should make sure that only those credentials that you are actively using are in this table and delete (revoke) old credentials by clicking the delete button once you are finished with them.

BEARER TOKENS

New API credentials use bearer-token authentication: the token is passed in an Authorization: Bearer <token> header. The older HTTP Basic Access Authentication scheme (a separate Public Key and Private Key) is deprecated; existing Basic Auth credentials continue to work but new credentials are bearer tokens. See Authentication for details.

If you belong to an organization, your administrators can also create organization-owned API credentials with fine-grained access scopes. See Organization API Credentials below.

Organization

ENTERPRISE USERS

Organization management is only available to Enterprise and Partner accounts.

Enterprise and Partner accounts are provisioned as organizations rather than individual accounts. Each organization can have multiple individual accounts, each with different levels of access to the organization. The highest level of permissions for an organization is an Admin account for that organization. If you are an Enterprise or Partner user and are the Owner of the organization or have an admin account for your organization then you will see the name of your organization towards the top right in the header. Clicking on the name of your organization will show a menu containing Users, Usage, Organization Settings, AI Chats, API Credentials and Audit Log.

Clicking on any of these menu items will bring you to a screen that allows you to manage the Organization. This screen has tabs across the top: Users, Usage, Settings, AI Chats, API Credentials, Audit Log, and (if enabled) White-Labelling.

Users

The Users tab is where admin users for the organization can provision and manage users for the organization. To provision a user for the organization click on the Add User button and a dialogue will appear with the following fields:

  1. Name: The name of the user that you are creating an account for.
  2. Email: The email of the user that you are creating an account for.
  3. Permissions Level: The level of permissions that the new user should have for the organization. Please see below for details.
  4. Read-only User: A toggle that designates the user as a read-only user. Read-only users are counted separately from regular (full) users against their own seat limit. When enabled, the available permission levels are restricted to Access-only and Simplified Access-only. See the Read-Only Users section below for more details.
  5. AI Networks Chat: A toggle that controls whether the user can access the AI Networks Chat feature. This is enabled by default. If disabled, the user will not see the AI Networks Chat widget when exploring networks. Note that the organization-level "Prevent AI Networks Chat" setting (under Settings) overrides this per-user setting.

There are five levels of permissions for organization users (four of which are available as options when provisioning a new account):

  1. Owner: There is only one owner for any organization. Please contact support to add or edit the owner of the organization. An owner has Admin permission but cannot be removed from the organization.
  2. Admin: A user with Admin permission will be able to add, edit and remove users for this organization as well as create networks and surveys and edit the settings for the organization.
  3. Standard User: A user without Admin permission but with regular permissions, i.e. they will have the ability to create networks and surveys.
  4. Access-only: A user with Access-only permission will only be able to access networks and surveys created by other users and cannot create new networks or surveys themselves.
  5. Simplified Access-only: The same as Access-only but the user will not see the full left-hand-side menu in the explore view but rather only the open views button

Read-Only Users

Read-only users are a special category of users that are counted against a separate seat limit from regular (full) users. This allows organizations to provision a larger number of users who only need to view content without consuming full user seats.

Read-only users have the following restrictions:

  • Organization permissions: Can only be assigned Access-only or Simplified Access-only permission levels. Admin and Standard User permissions are not available for read-only users.
  • Network and survey permissions: Can only receive View permission on networks and surveys. Edit permission cannot be granted to read-only users.
  • User management: Read-only users cannot add other users to networks or surveys, and cannot edit or remove other users. The "User Can Add" and "Can Edit / Remove Other Users?" options are not available when adding a read-only user to a network or survey.

These restrictions are enforced both in the user interface and on the server, including when uploading users in bulk via Excel.

It is also possible to manage users in bulk by using the Download User List and Upload User List buttons. This works in a similar way to Respondent Lists in the sense that to make an edit you should first download the current user list and then make additions, deletions, edits in that list before uploading the updated list. The downloaded list includes "Read-Only" and "AI Networks Chat" columns with Yes/No values that can be edited before re-uploading. If the "AI Networks Chat" column is omitted from an uploaded list, AI Networks Chat will default to enabled for new users. Read-only users in the uploaded list must have Access-only or Simplified Access-only permissions or the upload will be rejected.

The downloaded list and the upload template also include columns for module settings: "Networks", "Surveys", "Passive Data", and "Discover". Each of these accepts Yes/No values to control whether the user has access to that module. If a module column is omitted from an uploaded list, new users will receive the organization's default module settings and existing users will retain their current settings. Setting a module to "Yes" for a user will only take effect if that module is enabled at the organization level.

At any time you may edit the permissions and settings of a user by using the edit button. Furthermore, you may delete a user by clicking the delete button. A confirmation dialogue will appear and, once confirmed, the user will be deleted together with all the networks and surveys that they are the owner of. When you delete a user you will be presented with the option to transfer all of the networks or surveys owned by that user to another user in the organization.

Usage

The Usage tab provides a dashboard that summarizes key metrics for your organization:

  1. Public Networks: The total number of public networks used across the organization compared to the total number of available public networks. Since public networks are deactivated by default you won't see this tile unless you have activated public networks for your organization.
  2. Private Networks: The total number of private networks used by the organization compared to the total number of available private networks.
  3. Respondent Credits: The total number of respondent credits currently available to the organization. To purchase more respondent credits for the organization simply click on the Add Credits or Request Credits link.
  4. Full Users: The total number of regular (non-read-only) users that have been provisioned for the organization compared to the total number of full users that may be provisioned at any one time.
  5. Read-Only Users: The total number of read-only users that have been provisioned for the organization compared to the read-only user seat limit. This tile is only visible if a read-only user limit has been configured for the organization.
  6. AI Chat Usage: The current AI Networks Chat usage as a percentage of the monthly budget. The progress bar changes color as usage increases. This tile is only visible if AI Networks Chat is not prevented at the organization level.

Settings

The second tab in the organization section is the Settings tab. There are ten settings that an admin user may change for an organization:

  1. Name: The name of the organization may be edited here.
  2. Session Time: The default session time (i.e. time before a user is logged out for inactivity) is 60 minutes. This can be configured to a greater or lesser amount depending on the security requirements of the organization.
  3. Prevent Public Networks: By default organization users are not able to upload public networks. If you would like to allow the upload of public networks you may switch it on and off here for all users. Prior to activating this functionality please get in touch with support to request an increase in the default public networks limit if required.
  4. Prevent Support Access: If this is set to yes then Polinode support will not be able to access any user accounts in the organization.
  5. Prevent Sharing Outside of Organization: If this is set to yes then users within the organization will not be able to grant access to any surveys or networks to users that are not in the organization (i.e. other Polinode users that are not a member of the organization).
  6. Prevent Google Sheets Networks: By default organization users are able to upload networks from Google Sheets. If you would like to prevent users from using Google Sheets as a data source for networks you can enable this setting.
  7. Prevent AI Networks Chat: If this is enabled then users within the organization will not be able to use the AI Networks Chat feature.
  8. Show Support Chat to Users: Controls which user roles can see the AI Support Chat bubble in the header. By default support chat is shown to all users. For white-labelled organizations the default is to only show support chat to Owner and Admin users. You can select or deselect any combination of roles: Owner, Admin, Standard User, Access-only, and Simplified Access-only.
  9. Rate Limiter Excluded IP Addresses: Requests from these IP addresses or CIDR blocks are excluded from Polinode's global rate limiter. This is useful when many of your users share one outbound IP address — for example a corporate proxy or VPN — which could otherwise cause them to collectively hit the per-IP request limit. Enter an IPv4 or IPv6 address or a CIDR block (e.g. 203.0.113.10 or 203.0.113.0/24) and press Enter; up to 50 entries may be added. Note that stricter limits on sign-in and other authentication endpoints still apply to excluded addresses.
  10. SAML: Click "Enable" to enable SAML 2.0 Single Sign On for your organization. This will open a dialogue that provides you with two URL's and also space to input two items from your SSO Identity provider as detailed below.

SAML Setup

When you click the Enable button for SAML Polinode provides you with the following two SAML inputs:

  1. ACS URL: This is in the form https://app.polinode.com/saml/consume/exampleOrganization and is the URL that you should enter into your Identity Provider to be redirected to after your Identify Provider has authenticated you. It is the ACS URL, i.e. Assertion Consuer Service URL.
  2. SP Entity ID:: This is a unique URL for your organization and will be in the form https://app.polinode.com/saml/login/exampleOrganization. If a user from your organization visits this URL they will be redirected to your Identity Provider for authentication before then being directed back to the ACS URL. This URL is unique to your organization. The SP Entity ID (Service Provider Entity ID) should be inputted in your Identity Provider. You may also enter this as the Issuer in your Identity Provider.

In order to setup SAML you will also need to input the following four items which will either be provided by your Identity Provider or chosen by you:

  1. IDP URL: This may look something like https://sso.yourIdentityProvider.com/saml2/polinode. This is the URL that Polinode will redirect users in your organization to if they visit the Direct Signin URL or otherwise try to sign into the application.
  2. Allow IDP Initiated: Whether or not Polinode should allow a SAML login request initiated by your identity provider or not.
  3. Signature Algorithm: The RSA signature algorithm to use for signing responses and assertions. The default is sha256 and you should ensure in your IDP setup that both the response and assertion are signed with the algorithm that you specify here.
  4. x.509 Certificate: This is a certificate provided from your Identity Provider that is uniqe to Polinode and your organization in that Identity Provider. It is used to ensure that only valid authentication requests succeed. It will be in the form:

-----BEGIN CERTIFICATE----- MIIFfjCCA2agAwIBAgIUYu1AahdXxB2APik0R8ITRYMcAQQwDQYJKoZIhvcNAQEL BQAwdzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNPMRAwDgYDVQQHEwdCb3VsZGVy ....ommitted... IxWzdXQT93keDA468B3CvkwQaZ6kYT91VI+voAO7yHJToER0S920iJxmgK2hfBxg JlJ4nUvJm3oNvi3Tsquc33a+KV0IEb9szw7wUp4ZUSh4uAu22rVpRF0/6CNfAotW 5OouQTmPrTpP394wBCeF0O3P
-----END CERTIFICATE-----

Once you have entered the inputs from Polinode into your Identity Provider and then inputted the IDP URL and x.509 Certificate from your Identity Provider into the dialogue you will be able to click the Activate SAML button. SAML will then be setup for your organization. If you need to enter an assertion in your provider please use urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress. Both the assertion and response should be signed and you should select the RSA-SHA256 algorithm for signing.

Polinode supports both IDP-initiated Sign-On (i.e. where a user goes to say Okta and initiates a login that way) and SP-initiated Sign-On (where the user navigates to say https://app.polinode.com/saml/login/exampleOrganization or enters their email at https://app.polinode.com/login). When setting up SAML in your Identity provider you may use the Polinode icon available at https://docs.polinode.com (opens new window) as the logo.

We do not support provisioning or deprovisioning accounts through SSO (they still need to be managed under Organization in the Polinode application). We also do not support single logout (as opposed to single sign on).

AI Chats

The AI Chats tab allows admin users to view AI Network chat conversations from all users in the organization. This provides visibility into how your organization's users are interacting with the AI Networks Chat feature.

The AI Chats screen is a read-only viewer with a list of chats on the left and a detail view on the right. Clicking on a chat in the list will display the full conversation including all messages exchanged between the user and the AI assistant.

Each chat in the list shows the chat title, the name of the user who created the chat, the network that the chat is associated with, the time of the last message and the number of messages. You can filter chats by date range using the From and To date pickers at the top of the list.

The first chat is automatically selected when the list loads. You can also navigate between chats using the up and down arrow keys on your keyboard.

API Credentials

The API Credentials tab allows admin users to create and manage organization-owned API credentials. Unlike the personal API keys created under your own Profile → API Access, these credentials belong to the organization itself and are intended for integrations and external systems that act on the organization's data via the Polinode API. Any admin of the organization can view and revoke them, so they remain auditable independently of the individual who created them.

Creating a Credential

Click the New API Credential button to open the create dialogue, which has the following fields:

  1. Name: A label to help you recognise the credential later (e.g. "Reporting integration").
  2. Description (optional): A note about what the credential is used for.
  3. Access: Choose what the credential is allowed to do:
    • Full API access: Grants read and write access to all of the organization's public API resources.
    • Custom scopes: Grant access per resource. For each resource (Networks, Metrics, Employees, Custom Fields, Survey Responses and Surveys) you can independently toggle Read and Write. A "Set all" row lets you turn Read or Write on for every resource at once.

Read and Write are independent: you can grant Write without Read (for example, a credential that only pushes data in), and a Read-only credential cannot perform any create, update or delete calls. See Scopes in the API documentation for how these map to the API.

When you click Create, a dialogue displays the credential's Bearer token. Copy and store it securely now — Polinode does not store API tokens, so if you lose it you will need to revoke the credential and create a new one. Pass this token in an Authorization: Bearer <token> header when calling the API.

Managing Credentials

Existing credentials are listed in a table showing the name, the last four characters of the token, the access summary, the created date and when the credential was last used. For each credential you can:

  • View access details (the information icon): opens a read-only breakdown of exactly which resources the credential can read and write.
  • Revoke (the delete icon): immediately and permanently invalidates the credential's token. Any integration using it will stop working, so you will be asked to confirm.

TIP

Credentials that are created automatically for individual passive data sources are managed on that source rather than in this tab, so they are not listed here.

Audit Log

The Audit Log tab provides a record of every authenticated API request made by users in your organization. Each entry captures the timestamp, user email, HTTP method, URL and IP address of the request. Audit log entries are retained for 90 days and are automatically deleted after that period.

Viewing the Audit Log

The audit log displays entries in a paginated table sorted by most recent first. By default the last 7 days of data are shown. You can adjust the date range using the From and To date pickers.

The following filters are available to narrow down the entries:

  1. Method: Filter by HTTP method (GET, POST, PUT, DELETE).
  2. User email: Filter by the email address of the user who made the request.
  3. URL contains: Filter by a keyword in the request URL (e.g. "networks", "surveys").
  4. From / To: Filter by date range.

After adjusting filters, click the Apply Filters button or press Enter in a text field to update the results.

Exporting the Audit Log

Click the Export button and choose either CSV or JSON format. The export includes all entries matching your current filters (not just the current page). The file will download directly in your browser. The exported CSV includes the columns: Timestamp, User Email, Method, URL and IP.

Webhook Forwarding

You can configure a webhook to receive audit log events in real time. Click the Forwarding button to open the webhook configuration panel.

To set up a webhook:

  1. Enter an HTTPS URL in the Webhook URL field.
  2. Choose an authentication method:
    • HMAC-SHA256 Signature (default): Polinode generates a signing secret. Each event request includes an X-Signature-256 header containing an HMAC-SHA256 signature of the JSON payload, computed using your signing secret. You can use this signature to verify that the request originated from Polinode. The secret is displayed once after configuration — copy and store it securely as it cannot be retrieved again.
    • Custom Header: Enter a header name and value that will be sent with each request. This is useful for services that accept a static token or API key, such as Splunk HEC (Authorization: Splunk <token>) or Datadog (DD-API-KEY: <key>). The header value is stored securely and is not displayed after configuration.
  3. Click Configure.

Once configured, every audit log event will be sent as an HTTP POST request to your webhook URL with the authentication you selected.

From the webhook configuration panel you can:

  • Test: Send a test event to verify your webhook endpoint is reachable and responding correctly.
  • Remove: Delete the webhook configuration. You can configure a new webhook at any time.

Only one webhook can be configured per organization. Configuring a new webhook will replace the existing one.