Authentication methods and access rules

Good evening. Sorry for the trivial question but I’ve only recently been using grist. I’m trying to display a document made with grist , promoting the use of grist electron or grist core . I would simply like those who open the document not to see the formulas and the creator panel. I’m having trouble managing user authentication. Even using omnibus doesn’t solve anything. Am I forced to set an authentication method (SAML, OIDC etc. etc.) with which I am having problems, or can I find a different solution?. Obviously I can’t get any access rules to work that I assume only work for authenticated users.

Hi @Emidio_Morganti ,

For proper authentication, you would indeed need to connect Grist to some other authentication provider (grist-omnibus supports Google and Microsoft fairly easily, and others may be connected via OIDC or SAML). The only out-of-the-box authentication in grist-omnibus is that you can set environment variables EMAIL, PASSWORD, and EMAIL2, PASSWORD2, etc.

Now given this, you should in fact be able to make your document public (or link-shared), and then others would be able to open it without being logged in. Access rules do work for such anonymous (non-authenticated) users.

Once you get that far, you’ll notice that there is no way to hide formulas or the creator panel. The style parameter, intended for embedding, can hide it visually, but users can remove the parameter. The only way I know to hide a formula properly is to deny all access to that formula column (let’s say the column is called F), and create another formula column with the formula simply $F, and give access to that instead. For the new column, users would see both data and the formula, but the formula wouldn’t reveal the actual logic.