Hi!
I want to publish my app but only for comapny employees.
The SSO method I think could work but it will take a long and hard step with internal aprovals and so on. That won’t help now.
I would like to keep using Google Oauth (that’s the most easy and fast way) but not allowing anyone to share it, for example disabling the SHARE button for all users remaining just to the admin (developers) the ability to invite.
Is that possible? This feature in our business context has been seeing as a security flaw.
I suppose that you are using Streamlit Cloud for deployment. I didnt found any config that can limit the powers of developers and invited viewers in Streamlit Cloud for the moment.
Developers, invited viewers, and members of your workspace can all see the in-app share menu, read the list of viewers, and add and remove viewers.
Source: Share your app - Streamlit Docs
Maybe the best solution could be deploying your application in a compute managed service of your company and set the VPC and other security/network configurations that you need. Some examples for deployment in some cloud services:
Yes, you need to put the authentication snippet code in each page (that need auth to use). As the code of the examples of Authentication without SSO Guide save the information in App Sesion State, you only need to define once the funcion and call in each page the auth function. Just a simple example
main_page.py
import streamlit as st
from password_check import check_password
if check_password():
st.write("#Hello 👋")
pages/01_page.py
import streamlit as st
from password_check import check_password
if check_password():
st.write("#Page 1 👋")
In this way, all elements that are inside check_password() will have an password verification before showing the data. If you insert the correct data in any of the pages, the state will be preserved in all application pages that uses check_password().
I didnt found any feature that hide any page in Streamlit, so in the moment I dont think it is possible to hide if you are not logged. But, if it is really necessary, you can try to use different pages selection and control of which element is shown using st.selectbox and the multipage way before Multipage feature. Some examples of how was the life befere Multipage feature:
I had to delete last post because I shared some important business information.
I’ve tried your suggestion and worked fine controlling page selection with st.selectbox.
But the power to delete any viewer by any viewer is anoying me. It would be better just like Google Sheets or other platforms if anyone could add viewers but not delete.
I haven’t followed deployment in other cloud services yet, but I appreciate a lot your help so far!
Thanks for stopping by! We use cookies to help us understand how you interact with our website.
By clicking “Accept all”, you consent to our use of cookies. For more information, please see our privacy policy.
Cookie settings
Strictly necessary cookies
These cookies are necessary for the website to function and cannot be switched off. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.
Performance cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us understand how visitors move around the site and which pages are most frequently visited.
Functional cookies
These cookies are used to record your choices and settings, maintain your preferences over time and recognize you when you return to our website. These cookies help us to personalize our content for you and remember your preferences.
Targeting cookies
These cookies may be deployed to our site by our advertising partners to build a profile of your interest and provide you with content that is relevant to you, including showing you relevant ads on other websites.
