Is it possible to disable the "Share" button for security porpuses?

Hi!
I want to publish my app but only for comapny employees.
The SSO method I think could work but it will take a long and hard step with internal aprovals and so on. That won’t help now.
I would like to keep using Google Oauth (that’s the most easy and fast way) but not allowing anyone to share it, for example disabling the SHARE button for all users remaining just to the admin (developers) the ability to invite.
Is that possible? This feature in our business context has been seeing as a security flaw.

Thanks in advance! :smile:

Regards. :wave:

Hi @Analytics_Africa , welcome to Streamlit community.

I suppose that you are using Streamlit Cloud for deployment. I didnt found any config that can limit the powers of developers and invited viewers in Streamlit Cloud for the moment.

Developers, invited viewers, and members of your workspace can all see the in-app share menu, read the list of viewers, and add and remove viewers.
Source: Share your app - Streamlit Docs

Maybe the best solution could be deploying your application in a compute managed service of your company and set the VPC and other security/network configurations that you need. Some examples for deployment in some cloud services:

Other simplest option would be defining a password for the users, just as temporary solution. Authentication without SSO guide

(post deleted by author)

Hi @Analytics_Africa

Yes, you need to put the authentication snippet code in each page (that need auth to use). As the code of the examples of Authentication without SSO Guide save the information in App Sesion State, you only need to define once the funcion and call in each page the auth function. Just a simple example

main_page.py

import streamlit as st
from password_check import check_password

if check_password():
    st.write("#Hello 👋")

pages/01_page.py

import streamlit as st
from password_check import check_password

if check_password():
    st.write("#Page 1 👋")

In this way, all elements that are inside check_password() will have an password verification before showing the data. If you insert the correct data in any of the pages, the state will be preserved in all application pages that uses check_password().

I didnt found any feature that hide any page in Streamlit, so in the moment I dont think it is possible to hide if you are not logged. But, if it is really necessary, you can try to use different pages selection and control of which element is shown using st.selectbox and the multipage way before Multipage feature. Some examples of how was the life befere Multipage feature:

@fhtsibuya , good day!

I had to delete last post because I shared some important business information.

I’ve tried your suggestion and worked fine controlling page selection with st.selectbox.

But the power to delete any viewer by any viewer is anoying me. It would be better just like Google Sheets or other platforms if anyone could add viewers but not delete.

I haven’t followed deployment in other cloud services yet, but I appreciate a lot your help so far!

Tks

1 Like