I’d like to create an app for a potential company. It’ll be an app for the staff of the company. However, some highly “sensitive” data has to be stored on the app and the customer has made it clear that users must identify themselves before being able to use the app. (To make it short : no login, no app).
While I know the systems already available (PIN…), I had an idea and I wanted to check if it’s possible.
Let’s say a user A opens the app, the first thing that will be opened is a web page where the user will be asked to login with it’s credentials on the company website, if login successful the web view will close and the access to the app will be allowed. If not he will arrive on an error page and will be asked to login again.
We may implement some API if that’s the solution.
Please let me know if this is somehow possible or if you may suggest me a workaround.
What you are describing there is essentially the login via Gmail option, which is the only form of SSO that Glide currently supports. So if your customer is using Gmail/Google, then that will be your solution. If they aren’t, then you may be out of luck for now.
Hey ! Thanks for your answer, unfortunately I’ve already read those details and the company require that all data’s are accessible to register users only. The initial idea was to allow users to login with their employee credentials and that’s connected to their database. Not possible glide. Then I thought of having some SSO but it looks like it’s not possible currently.
Thanks for your help guys, will consider making a new feature request.
Hey ! Unfortunately the company system are not based on Google or Gsuite option. Is creating a database in google and restricting access to member of the organisation can work ?
The only option that I could recommend would be to consider the Private Pro plan. With that plan, you have to whitelist the user emails that can have access, so you would have full control to restrict access only to company employees and revoke access by removing them from the whitelist of needed. Anyone that is not in the whitelist cannot get into the app at all. The sign in process would still require a pin, but I would assume they still need a password to access their company email and obtain the temporary pin code. In essence, it’s similar to 2 factor authentication.
Adding any authentication outside of Glide’s authentication would unnecessarily complicate things and most likely make the data much less secure.
The data can be stored in a google sheet or a glide table. For further security, I would probably directly use a glide table, unless you need some specific functionality that only google sheets provide.
Restricting access to data in a google sheet to specific users won’t work because the authentication is between glide and google. Not the user to google.
If you have a current login to a website that can post information to your google sheets via an api you can go that route or setup your app to have a homepage that is setup as a webview that when accessed it provides a webview of your companies login and upon successful login it updates the google sheet to allow a different visibilty of your apps features. But this is not recommended and I will hear about it in a moment because this is not the most secure way to access your data.
LOL, I know this is, but I am just telling them ways to do what they want, as I mentioned they are not as secure as Glide’s in house method. If you have people that know how to access your data by viewing the page’s contents then yes they can get to it. But again as I mentioned before it’s just another way of doing it and Jeff you can do it this way with row owners.
@Jeff_Hager when someone signs in you have the user page with the owner rows be an arrayformula that equals the user login as unique values. So whenever someone signs in through this method it pulls to the only value that would of matched in the unique row
