Access control for streamlit app served in iframe

Streamlit is amazing.

I have an app (Open beta) that I serve in a page in a iframe .

The advantage is that this way I can set up a normal website “around” my app with documentation and blog.

The app is free and will stay free.

I would like to set up some kind of simple user authentication mechanism. I would like this to be independent from my streamlit app code and simply protect the access of the html page that contains the iframe. Like a news paper paywall that asks you to register to read an article, so to speak.

I understand that the original page that hosts the app from where the iframe content is taken would not be protected, but that is a problem for another day. And being the app free, it is not really a concern.

Is this at all possible?

Thanks for the great work


Hello @Fabio !

On what platform are you deploying on? The easiest more robust way I know of is having Nginx with simple authentication as a reverse proxy to your page. Check out the guides in the Webservers > nginx section of the deployment community page to find some examples of guarding the Streamlit app. Though if you want to protect the whole page, any guide on Google with the keywords “nginx authenticate reverse proxy” should do the trick :slight_smile: .

Good luck, your app with embedded Streamlit looks pretty awesome!
Fanilo :balloon:

1 Like

Thanks @andfanilo!

I have nginx :slight_smile:

This is fantastic! I looked around your link and I think what solve my problem is Authenticated Full-Stack Streamlit with Docker.

But as you say I simple need to protect the whole page, so maybe it is even easier!

In any case super thanks!