Streamlit deployment and data security

Hi there

I’m currently working for a public sector organisation in the UK.

We want to publish a Streamlit app from our Github page, but are concerned about the data security. While the specific Streamlit app repo has non-sensitive data, some of the other repo’s contain potentially sensitive information.

My question is, upon giving Streamlit permissions to see the organisation’s Github page, do Streamlit only have access to the given repo, or the entire Github page? If Streamlit can access the entire organisation page we may be forced to use an alternative.

Any information would be greatly appreciated!
Thanks :slight_smile:

Hi @Jonathan_Rees,

Thanks for posting!

Streamlit does not get access to any other repositories or sensitive data you may have in your GitHub org. It only has access to the specific repo you pick to deploy the app from.

You can also inspect the OAuth permissions when connecting Streamlit to double check it only asks for what you’re comfortable allowing. You can always revoke the Streamlit OAuth app access anytime you want to cut off access as well.

Feel free to read more about it here → Troubleshooting - Streamlit Docs

1 Like

Hi @tonykip. This is excellent, thank for the prompt reply. Will pass this on to my team.
Many thanks

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.