Deployment on Azure + AD Authentication enabled + st.file_uploader = 403 Forbidden

Hi,

I am attempting to deploy a Streamlit app on a production instance of Azure’s AppService. Deployment is done via a Docker image stored on a container registry.

Everything works fine when authentication for the App is turned off. However, when I turn it on, the file uploader widget in my app stops working and throws this error: “Error: Request failed with status code 403”.

The same issue was discussed here (Deployment on Azure (AppService) + AD Authentication enabled + st.file_uploader = 403 Forbidden) and a solution of enabling ARR Affinity was suggested: but this hasn’t solved the issue for me.

Wondering whether anyone happens to have any other ideas?

Thanks a lot for reading!

Replying to push this post

Hi,

Adding

[server]
enableXsrfProtection = false

To streamlit/config.toml file fixes this for me. I understand that this is a workaround which is likely to come back to bite me, but it has not. So far.

If you figure out how to use the ARR cookies provided by Azure, please let me know.

In streamlit documentation as per below link , Go through Symptom #3.

App is not loading when running remotely - Streamlit Docs.

I have tried turning of XSRF protection it worked for me. so as per the suggestion we should enable same cookie secrets for replica.

Tried with ARR on, but didnt solved.

Here my question is I am running app on single azure instances but why it is not working with XSRF enabled.
Please let me know if anyone have any other solution.

I am also experiencing the same issue. Tried, ARR, and the cookie secret suggestion in the config file. Removing xsrf did remedy the problem, but the impact to security is not acceptable. I also have the azure authentication on in the web app.

did you find a solution? I’m having the exact same issue

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.