Can I host an app in a clients account and restrict their access to its backend

Hi Guys,
After several months working on an app I’m now faced with an unexpected deployment problem.
How can I set up Appsheet to access data using the credentials of signed in user while denying access to the author account i.e. restricting access to the data from the backend.

I want to present my app to several clients each with a unique data set/sheet.
This has meant that I have to create several copies of the app one for each client.
My options as I see them…

  1. create an appsheet account with the clients email and host the app there… Problem is that they now have access to the app backend and may well copy and use the app without further reference to me…(I intend to charge on a subscription basis.)
  2. Retain the app in my account… This means that I now have access to the clients data from the backend which presents a liability of responsibility (some of the targeted clients are competitors).
  3. Setting Access Mode to “as a user” is unhelpful because it would require that all users have access to the data files which is undesirable.

I hope Appsheet can provide for authors who want to retain access to the app backend without unrestricted access to client data…

I’ll appreciate any thoughts on this…
Thanks for reading through…

@praveen, this seems like a good question for you.

Well, hey thank you @Steve … send the difficult questions my way :]

Hi @Gerald_Kariuki what you are asking for is to build a “multi-tenanted” application on AppSheet. There is a convoluted way you can achieve some part of this (using partitioned tables) but I do not advise it. What you want, I think, is to have an app where each of your customers can have their own account, their own use whitelist, their own security mechanism for signin, their own audit log history, etc … but your customers cannot see or copy the app definition.

We do not support this right now. It is something we can think about. I feel it should not stop you from flushing out your business model … i.e. attempting to sell your customers on this. In most cases, to be honest, customers with integrity will sign agreements that stipulate that they will not copy your IP (the app definition is your IP and them copying it would be an IP infringement). If you suspect a customer does not have integrity, there are very few mechanisms that prevent reverse engineering anyway.

1 Like

Thanks @praveen for your response. Maybe in your plans going forward you can institute this. Regards