shinyapps.io Authentication and Authorization Model
With Shinyapps.io, you can limit access to your application by enabling authentication. To enable authentication in the administrative UI, select the application to modify and click on the Users tab. If you currently use the pre-beta authentication scheme, please follow the instructions to upgrade to the new system here.
Here is a sample application with the default visibility settings (Public):
Change the Application Visibility to Private and click on Save Settings. Changing the visibility of your application will require a restart of the application. The Owner of the account and other members of the account will automatically be included in the list of authorized users.
After the application is restarted you can add authorized users by entering their email addresses and clicking on Add User.
Each user will receive an email from shinyapps.io with an invite to view your application. If a user does not already have an authenticated account on shinyapps.io, they will be able to create one by authenticating through one of the following three methods:
Shinyapps.io will prompt each visitor to your app for a username and password if they have not been authenticated. Only users who log-in with valid credentials will be able to view or use the app.
If you currently use the pre-beta authentication scheme, please upgrade to the new system right away. We will be deprecating support for the old authentication system during the beta. For instructions on how to upgrade, please read the guide below.
The beta release of shinyapps.io introduces a new mechanism for authentication and authorization. This system replaces the existing rscrypt based approach and provides a more flexible and manageable flow.
The new authentication system provides several advantages:
To migrate your application from the old authentication system to the new one you will need to follow these steps:
Question: Can a given application have both the old and new authentication systems active at the same time?
Answer: Yes, it is possible during the beta until we deprecate the old system. The user would be prompted to authenticate twice. We will disable the old authentication system in the weeks before the general availability of the service.