We are evaluating retool's external functionality for building an MVP of a customer facing SaaS dashboard. In general, I think functionally retool will be able to do everything we need for the dashboard, but I'm getting stuck trying to parse through the docs to understand the options for authenticating these external users.
Our tool caters to enterprises that will expect the ability to configure SSO using their own provider from day 0. This means we need a way to (eg) support users from Customer A authenticating into the tool with their OneLogin instance, while Customer B authenticates with their Okta instance, etc.
Is this something that the current retool external offering can support, and if so how is it set up, or is it only possible to allow external users to log in with email/password or Google oauth?
Great question, I know you are able to set up OneLogin or Okta but I am not sure about multiple SSO options for a single app.
One idea that jumped to mind would be to use Retool Spaces to split your Retool org into multiple isolated ones.
Each can have their own SSO option, you would just need to handle permissioning and directing your external users to their corresponding Space for their auth provider.
Waiting to hear back from our internal team on if there is more information of successful use cases of multi-SSO orgs/apps!
Heard back from the team and it seems that the only option for multi-SSO app configurations is to use Retool Spaces.
As single apps are currently only configurable with a single SSO provider.
I believe we have an internal ticket for our auth team to expand this to cover multiple options. Given the importance of security this is likely a complex re-config of how our auth processes
For now, Spaces makes a lot of sense as users from different companies will be able to have granular uniqueness built into either particular space if needed. On the other hand you can always keep the different Spaces uniform as well.