Sachin Duggal: Secure Data Display in Retool for External Users - Best Practices?

Hello Retool community!

I'm Sachin Duggal, and I am the owner of a bags manufacturing business. I’m in the process of migrating an external-facing frontend to Retool, where users (external clients) will manage access for their employees. The challenge is ensuring that each logged-in user only has access to their company’s data. We’re considering leveraging Retool’s direct database querying capabilities to save time, but I’m concerned about the security of exposing sensitive company data.

I’m considering using a custom login process to pass a company ID, which would be stored locally (e.g., in local storage or session storage), but this could be vulnerable to manipulation by the user.

Has anyone dealt with a similar issue? How do you ensure secure data access in Retool without the need for constant backend calls for each query? Are there better ways to store or secure company-specific data in Retool while allowing users to only access their own data?

Any tips or insights would be greatly appreciated!

Thanks in advance!
Regards
Sachin Duggal


Hey @sdbags and welcome to the forum!

One way of achieving this is using Retool's attributes for users and using this attribute to implement row-level security in your database.

This would require most, if not all, of your tables to include this verification id and all your get and post queries as well, via the current_user.metadata object.

The current_user variable is safe from data injection, so this puts you in a good place security-wise.

You would have to implement a custom page for user creation so you can then apply the right attributes upon user creation.

This may not be as streamlined as I would like, but it has worked well for me in the past.

Let me know if you need further info, happy to provide more.
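
A sketch of the approach in the answer above, as an added example that is not code from the thread or from Retool. It assumes PostgreSQL, a table named `employees`, a user attribute named `company_id`, and Retool components named `employeesTable`, `accessToggle` and `nameInput` (all hypothetical), and it relies on the answer's statement that `current_user` cannot be altered by the client.

```sql
-- Assumed schema: every tenant-owned table carries the company id.
CREATE TABLE employees (
    id          bigserial PRIMARY KEY,
    company_id  integer NOT NULL,
    full_name   text    NOT NULL,
    has_access  boolean NOT NULL DEFAULT false
);
CREATE INDEX employees_company_idx ON employees (company_id);

-- Weak form (the concern raised in the question): the tenant id is read
-- from browser storage, which the logged-in user can edit.
--   SELECT id, full_name, has_access FROM employees
--   WHERE company_id = {{ localStorage.values.company_id }};

-- Read query: the tenant id comes from the user attribute instead.
SELECT id, full_name, has_access
FROM employees
WHERE company_id = {{ current_user.metadata.company_id }}
ORDER BY full_name;

-- Write query: filter on company_id as well as the row id. With only
-- "WHERE id = ..." a user who submits another company's row id would
-- change that row; with both predicates the statement matches zero rows.
UPDATE employees
SET has_access = {{ accessToggle.value }}
WHERE id = {{ employeesTable.selectedRow.id }}
  AND company_id = {{ current_user.metadata.company_id }};

-- Insert query: the company id is never taken from a form field.
INSERT INTO employees (company_id, full_name)
VALUES ({{ current_user.metadata.company_id }}, {{ nameInput.value }});
```

The same `company_id` predicate has to appear in every query on every tenant-owned table; a single query that omits it exposes rows across companies.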

Hello @sdbags,

I second all the points made by @MiguelOrtiz above. Another option would be to use our new Retool Spaces functionality, which will allow for building separate "mini-apps" for each user group/company to keep data separate.
