Option to restrict access to production or staging API

We need to be able to control who has access to the data in our production database. Whilst still being able to allow some users to just have access to the staging environment.

Our use case is as follows. We have an internal team based in the UK and they have access to the Live customer data.

We also have a remote testing team. In order for them to test, they need access to our same internal tools. However, for data privacy reasons, we don’t want to grant them access to the production database.

The ideal situation is that our test team only have access to our staging environment, so they never come into contact with Live user data.

Given the regulatory changes surrounding GDPR (in the EU) I can see this being quite important for a number of users.


We have a similar situation. I'm curious how others are adding new contributors to Retool without compromising production data.

For example, cloning an app and removing production resources? Local Retool instances (Enterprise)?

This issue is a few years old, but I can't see that anything has been done on it. Are there any updates I missed?

1 Like

Hi there! We have a project that we're working on for enabling permissions on specific environments, which may help! I can post back here when it ships