Is it possible to detect if the retool is embedded?

Hello everyone,

we're sharing the retool using the public link with no authentication. Using iframe html tag, we embed the retool.

Since this iframe html tag is accessible, it can be copied and opened in a browser's tab so you could access the retool itself. We're trying to block this behaviour, if the retool is not embedded, block and hide all the content. Is it possible using parent window resource?

Is it possible? Thanks in advance,


Hi @sergiofdez4!

The intention for Public Apps is for anyone not in your org with the URL to be able to access your app. Outside of the simple password protection you can enable, custom forms of authentication aren't part of their intended use (hence why we don't recommend having any sensitive data be accessible there). So, this use case likely won't be supported :confused:

1 Like