I’m currently working for a public sector organisation in the UK.
We want to publish a Streamlit app from our Github page, but are concerned about the data security. While the specific Streamlit app repo has non-sensitive data, some of the other repo’s contain potentially sensitive information.
My question is, upon giving Streamlit permissions to see the organisation’s Github page, do Streamlit only have access to the given repo, or the entire Github page? If Streamlit can access the entire organisation page we may be forced to use an alternative.
Any information would be greatly appreciated!
Thanks
Streamlit does not get access to any other repositories or sensitive data you may have in your GitHub org. It only has access to the specific repo you pick to deploy the app from.
You can also inspect the OAuth permissions when connecting Streamlit to double check it only asks for what you’re comfortable allowing. You can always revoke the Streamlit OAuth app access anytime you want to cut off access as well.