Deployment on Azure + AD Authentication enabled + st.file_uploader = 403 Forbidden

Hi,

I am attempting to deploy a Streamlit app on a production instance of Azure’s AppService. Deployment is done via a Docker image stored on a container registry.

Everything works fine when authentication for the App is turned off. However, when I turn it on, the file uploader widget in my app stops working and throws this error: “Error: Request failed with status code 403”.

The same issue was discussed here (Deployment on Azure (AppService) + AD Authentication enabled + st.file_uploader = 403 Forbidden) and a solution of enabling ARR Affinity was suggested: but this hasn’t solved the issue for me.

Wondering whether anyone happens to have any other ideas?

Thanks a lot for reading!

Replying to push this post

Hi,

Adding

[server]
enableXsrfProtection = false

To streamlit/config.toml file fixes this for me. I understand that this is a workaround which is likely to come back to bite me, but it has not. So far.

If you figure out how to use the ARR cookies provided by Azure, please let me know.