Hello!
We're currently considering the possibility of transitioning one of our frontends, which is used by external users to manage access to our product for their employees, to Retool.
From what I understand, there are two potential approaches, but after reviewing the documentation, I'm unsure which is best—especially in terms of cost and displaying the right data securely.
The main advantage of using Retool, in my opinion, is the time saved. It allows direct database querying in some cases, bypassing the need to always go through our backend, where new endpoints must be created. However, since logged-in users should only see their company's data, I'm not sure how to enforce that effectively in Retool.
One option is for the (custom-built) login process to return the allowed company ID(s), which could then be stored. However, options like local storage, cookies, or session storage aren't secure because users could potentially alter them. I tried setting a Retool "variable" for which I can set the state and couldn't find it in the network tab, but I still feel it's not secure enough.
Does anyone have experience with achieving this in a secure way? If I end up needing to go through my API every time just to use an authorizer, I'm concerned about the potential time savings with Retool.
The same concerns apply when considering actual external users. Here, it’s even less clear how to control which data a user can access. I'm not referring to app-level permissions, which are manageable, but rather to which data they should see.
Any insights or suggestions on what's feasible would be greatly appreciated!
Thanks in advance!
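The tampering concern raised in the post, as an added example that is not part of the original post and does not use any Retool API: the login backend signs the allowed company IDs with an HMAC, and the query layer verifies that signature before scoping a parameterized query, so a value edited in browser storage is rejected. It assumes the check runs server-side where the user cannot modify it; the key, table and column names are hypothetical.

```python
import base64
import hashlib
import hmac
import json

SERVER_KEY = b"constructed-demo-key"  # assumption: secret held only by the backend


def _encode(company_ids):
    body = json.dumps({"companies": sorted(company_ids)}).encode()
    return base64.urlsafe_b64encode(body)


def issue_token(company_ids, key=SERVER_KEY):
    """Called by the login backend: sign the company IDs this user may see."""
    payload = _encode(company_ids)
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return payload.decode() + "." + tag


def verify_token(token, key=SERVER_KEY):
    """Return the signed company IDs, or raise if the token was altered."""
    try:
        payload, tag = token.encode().split(b".")
    except ValueError:
        raise PermissionError("malformed token") from None
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise PermissionError("token signature mismatch")
    return set(json.loads(base64.urlsafe_b64decode(payload))["companies"])


def scoped_employee_query(token, requested_company_id, key=SERVER_KEY):
    """Build a parameterized query only for a company the token authorizes."""
    allowed = verify_token(token, key)
    if requested_company_id not in allowed:
        raise PermissionError("company not authorized for this user")
    # Hypothetical schema; the company ID is bound as a parameter, never
    # concatenated into the SQL text.
    sql = "SELECT id, name FROM employees WHERE company_id = %s"
    return sql, (requested_company_id,)


def tamper(token, company_ids):
    """Constructed input: a user rewrites the stored payload, keeps the old tag."""
    return _encode(company_ids).decode() + "." + token.split(".")[1]
```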