I am self hosting Grist and using Zitadel for SSO. So far so good.
I’ve created a team site that has a dashboard that I want to share with certain people. I’ve added users and defined access rules that all work perfectly. However, I don’t want these guest users to have a personal site. I want them to only have access to the team site and nothing else. I’d like to think that I can manage that somehow, but I’ve not found any way to do this. No admin user, no user profiles or anything like that. Any help would be much appreciated.
Do you want to have personal sites for some users? If you don’t need personal sites at all, and there is a single team site, you could use the GRIST_SINGLE_ORG setting mentioned here:
If you need personal sites for some but not all, I don’t know of a way to do that currently.
I would Ideally want to retain the ability to allow some users to have personal sites.
For example, users within my company. Everyone else that I might allow access should not have that ability.
Hi @Shrey , I don’t think there’s a built-in way to do either of those things. For (1) you could I suppose brutally put in a rule in your reverse proxy to redirect away from personal sites - if no-one can access them, they can’t use them? For (2), nothing I can think of here either. The main contributors to Grist run SaaS-es where open team site creation is desirable. A way to lock it down would be reasonable but nobody has had cause to implement it yet.
Well, that would imply that Grist, particularly grist-core isn’t very suitable for organisation-al environments, because users may end up creating (often unintentionally) multiple sites and have the documents distributed in an undesirably unstructured way, wouldn’t it?