Is there a way to restrict access to a data type such that even the app builder cannot view its content on the data page?
The data I’m hoping to use and serve back to the user is sensitive enough that I don’t want to be able to access it. Is it currently possible for the app builder to restrict their own view access to user data other than passwords?
Thanks!
We haven’t built that option yet. If you’re the admin and don’t share the control, things should be safe right?
Thanks for the response.
This feature would be useful for handling users’ more sensitive data: for example addresses, banking info, etc. Things that ideally would only be decrypted when needed rather than stored as plaintext. I don’t know enough about encryption to make any further recommendations though. I think this feature could allow for greater trust between users and the app and consequently allow for the adoption of whole set of use cases that use more sensitive data.
Of course I know y’all have a lot of other priorities in the queue.
Any news on this road? This would be a really killer feature! Would solve oh so many problems.
Also, there should be a possibility of creating password fields for other things, too - so that it would be one possible type for a field in a thing…
Yes, this feature would make it possible for me to build apps whereby I can demonstrate to a client that I cannot read their sensitive data. Medical/Banking records to name but two. Only they should be able to read it.
Could we not have a simple ‘encrypted’ type of field (added into the list of text, number, date etc etc)? Then only the Current User logged in can enter data and read that field. To test the developer would just have test as a User.
Boy that would make Bubble head and shoulders above a lot out there!
Hi @markeaston or anyone else,
Did anyone manage to get anywhere with this. I want user info to be encrypted in the database (not stored as plain text). I want to achieve the same result: show users that not even we (app builder) can look at their data.
Thanks
Hi mangoly,
No not so far I’m afraid.
I was thinking the ‘encrypted field’ would be like a password field that only the User who created it can see. I have recently developed a Filemaker app and as Admin I can view all the Users profile data but not their password. I can change their password or invite them to change it but I can’t view it. I can’t quite see why it wouldn’t be possible to designate certain fields as ‘encrypted’ and then only the User who created them can view the data in them.
If you think about Medical Records (and how sensitive they are) this would make it possible for only a Doctor who entered the notes to see them unless he/she allowed say other Users (Patients, Clinical staff etc) to see that field.
I get that someone has to ‘hold the keys’ but even that someone shouldn’t necessarily be able to read everything. There’s trust and there’s trust… disgruntled employee etc etc - allowing developers to offer clients ‘encrypted’ fields would make for greater security in my humble opinion.
If you get anywhere do let me know…
cheers
Hi @markeaston,
I totally agree with your statement. In Human resources, this is the same, you don’t want employees (developers) getting access to the app that their own company is using for the same reasons (Eg. Salaries, historical reports, etc…).
I’m currently building an app that holds very personal information and there is no way any user except the user intended can have access to it.
Thanks anyway
I’ll carry on tracking this topic as I think it will gain traction with Users someday.
If I find anything out I’ll post it here…
cheers
mark
I would also need this function. I’m a little surprised that it’s not implemented already. I’ve found several requests for it on the forum, spanning years back.
A bit disheartened by Emmanuel’s response in this thread, to be honest. It’s fully missing the point of trust between user and developer/owner. It also makes me hesitant to use Bubble for serious application myself, do you not encrypt payment info or other personal information on your end?
Even if you’re building a very simple thing with an input, say, “how much is your monthly spending”. I bet you couldn’t even get your friends to beta test that one for you haha.
Hi @emmanuel. I have encrypted the data in my database and thats great. It means Admins or App Owners can not see confidential data. I only have one problem the admin is still able to use the “Run as” functionality which would allow Admins to see the data through the UI. That means the first option defeats the purpose of the second option. Privacy is a big thing in my App and I really need to go forward with this, but wont make the jump unless I am confident I can solve this with Bubble.
I see 3 options to solve this,
1/ Bubble makes the “Run as” feature optional (I am prepared to sponsor this feature).
2/ We don’t use the built in Signup/Login feature by Bubble and we create a new data type for users. This way the “Run as” option won’t appear as an option in the App data settings. But I don’t know if this will work.
3/ User Signin/Login is done ouside in Firebase or some other database (I don’t like this option as I would need to understand Firebase) and to be truthful I want everything contained in Bubble.
@emmanuel do you see any short term option for this. I know there are more clients interested in keeping data safe even from App builders. Are any of these options feasible? Please can you help as I don’t seem to be getting anywhere with this. It will determine if Bubble is right for the app I want to build.
Thanks
Have you looked in to 2fa? Not sure if it will solve the issue but if the app was built that all sensitive data was behind 2fa procedure then I guess clicking “run as” would kick you out until 2fa was true? Then of course only the user can do the 2fa.
