Migrating shinyapps.io authentication

The general release of shinyapps.io introduces a new mechanism for authentication and authorization. This system replaces the existing rscrypt based approach and provides a more flexible and manageable flow.

The new authentication system provides several advantages. With it you can:

  • Add or remove authorized users without restarting the application thereby preserving the sessions of logged in users.
  • Manage application access through the admin interface (new)
  • Leverage Google or Github authentication to improve security for your users.
  • Save your users the burden of managing and maintaining their own user authentication information.

To migrate your application from the old authentication system to the new one you will need to follow these steps:

  1. Set the Application Visibility setting to Private in the Users tab for that application and click Save Settings. This will restart the application and apply the new setting. Note, once you do this, none of the existing users will be able to authenticate.
  2. On your local system, rename the passwords.txt file in /shinyapps to old_passwords.txt.
  3. Re-deploy your application using shinyapps::deployApp()
  4. In the Users tab, add the email addresses for the individuals that were in your old_passwords.txt file. If you were not using email addresses before, you will need to do so at this time. Don’t worry if your users don’t have Google or GitHub accounts, they can always use local authentication through shinyapps.io.
  5. Your users should now be able to authenticate and see your application.

We love it when R users help each other, but RStudio does not monitor or answer the comments in this thread. If you'd like to get specific help, we recommend the RStudio Community as well as the Shiny Discussion Forum for in depth discussion of Shiny related questions and How to get help article for a list of the best ways to get help with R code.

comments powered by Disqus