Hello. Sharing my app with employees. Sendin...

Tim_Meske · 06-06-2018 05:00 PM

Hello. Sharing my app with employees.

Sending an invite for use on their mobile devices has been simple.

The process requires authentication.

Question… Copying the URL app link into an employee’s pc browser required authentication also but since a formal invite through appsheet was not required, is there anything stopping anyone from using our app URL along with a random BOX cloud account to gain access to our app?

In summary, I assumed the specific invite was my security over uninvited users that may have access to our app URL. What stops an uninvited user from getting our app URL and accessing our app?

Phil

@Tim_Meske

Hi Tim,

To protect your application you should set “Require user signin” on the Security > Require sign-in pane.

Then add your user’s email addresses on the Users > Users pane.

Tim_Meske

Ok thanks.

Both are set properly.

Since sign in is required and the URL app user is listed as an approved user then only a BOX cloud account associated with that email can utilize the our app URL, correct?

Phil

@Tim_Meske

Any user who might discover the app URL would be prevented from using the app because they can not sign in.

Only user’s having email addresses in your whitelist can sign in and use your app.

Gaudacandra_Das

I had my app set to “Require user sign in” and an un-invited private email appeared as another user that was not approved but was counted by AppSheet as another user. So how does that happen?

Marc_Dillon

Do you have this option turned on?