Retool to end support for creating password-protected Public Apps


This page:

On February 18th, 2024, Retool plans to end support for creating password-protected Public Apps. If need to build authenticated external apps, check out our guide."

What exactly does this mean? Are we not allowed to build public apps that have their own authentication?


Anyone? @victoria

Hey Patrick!

Retool designed the Public Apps feature to support applications that are truly accessible to the public (examples could include an application that includes a form for collecting local news reports or a public-facing COVID tracking site). We're actually expanding the availability of Public Apps to more cloud plans soon because we've seen customers build really amazing things with them.

We're removing password protection for several reasons:

  1. Rather than asking for improvements to password protection, many of our customers have pulled us to help support secure experiences that leverage our user model and permissions.

  2. We've since shipped Retool Embed and Retool Portals to let you do just that.

  3. We want Public Apps to be truly public!

If you're exposing Retool to external users, I'm happy to discuss which approach makes more sense. But rolling your own authentication on top of Public Apps is also against our Acceptable Use Policy.

Hey @antonybello,

Thanks for the explanation on Public Apps. I appreciate it!

To clarify, let's say I have an invoicing app built with a non-Retool service that has its own authentication, unrelated to Retool. Let's say that I'm considering using Retool Embed to iframe the Retool-built app into the invoicing app. Is this valid according to the Acceptable Use Policy?

Thanks in advance for your clarification.

Hey Patrick! Stepping in here to answer your most recent question :slight_smile:

That would be against of Terms of Service when using a Public App, but not Retool Embed. With Retool Embed, you'd be providing user information via the Embed URL and those users would be tracked in Retool (and charged for).

1 Like

Hi @victoria, What about existing apps with public URL and existing passwords? Will the tool be grandfathered or will the password cease to exist and leave the tool open?

Hey @Michael_Rey!

"Any existing public apps with password protection will remain protected. Should we decide to make any further changes to password protection, Retool will provide at least six months notice."

Let me know if that helps answer your question!