"Run As" Feature is a security risk

I would like to resurface this topic "Run As" Feature - Security Concern

The other day, I submitted a support ticket and the Bubble support person was able to log in to my app and “Run As” one of my customers. This is a major concern. I get that with any multi-tenant platform, somebody ultimately has “God” status and can see all, but I feel it is Bubble’s responsibility to put controls in place to limit exposure.

2 possible solutions I would like to table for discussion:

  1. Make it a setting where I can toggle “Run As” on or off.
  2. Allow the user to grant access to their user record and “Run As”
    This is how platforms like Salesforce control access. You grant access to your Company Admin or Salesforce Support for a limited time period (e.g. 2 or 24 hours). This feature would also have to be exposed via the API so that I can create a similar experience for my customers who do not have access to Bubble’s config panel.

I’m looking forward to hearing what others think. I’m hoping everyone sees the importance of closing this gap. Knowing it’s a problem and not doing anything about it puts us at risk from a data privacy perspective and will give your insurance company another reason not to pay any cyber-security claim you may have.

3 Likes
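The second proposal above (a user-granted, time-limited impersonation window, Salesforce-style) is concrete enough to model. The following is an added example written for this thread, not Bubble's code and not a description of how Bubble's "Run As" works; the class and method names (`ImpersonationGrants`, `grant`, `revoke`, `can_run_as`), the 24-hour cap and the sample identities are all assumptions. The point it demonstrates is default deny: support can only "Run As" a user who explicitly granted it, the grant expires on its own, and every decision lands in an audit trail.

```python
"""
Model of a user-granted, time-limited "Run As" (impersonation) authorization.

Added illustration for the forum proposal; hypothetical names, not Bubble's
implementation. Clocks are passed in explicitly so the logic is testable.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Assumption: the platform caps any grant at 24 hours, matching the "2 or 24 hours" idea.
MAX_GRANT = timedelta(hours=24)


@dataclass
class Grant:
    owner: str            # user whose record may be impersonated
    grantee: str          # support/admin identity allowed to "Run As" the owner
    expires_at: datetime  # absolute expiry, set when the owner grants access


@dataclass
class ImpersonationGrants:
    grants: dict = field(default_factory=dict)  # (owner, grantee) -> Grant
    audit: list = field(default_factory=list)   # append-only event log

    def grant(self, owner: str, grantee: str, duration: timedelta, now: datetime) -> Grant:
        """Owner opens a window during which `grantee` may run as `owner`."""
        if duration <= timedelta(0) or duration > MAX_GRANT:
            raise ValueError("grant duration must be positive and at most 24 hours")
        g = Grant(owner, grantee, now + duration)
        self.grants[(owner, grantee)] = g
        self.audit.append(("grant", owner, grantee, g.expires_at))
        return g

    def revoke(self, owner: str, grantee: str, now: datetime) -> bool:
        """Owner closes the window early; returns False if nothing was active."""
        if self.grants.pop((owner, grantee), None) is not None:
            self.audit.append(("revoke", owner, grantee, now))
            return True
        return False

    def can_run_as(self, owner: str, grantee: str, now: datetime) -> bool:
        """Default deny: True only for an explicit, unexpired grant. Every
        decision (allow, deny, expiry) is recorded for later review."""
        g = self.grants.get((owner, grantee))
        if g is None:
            self.audit.append(("denied", owner, grantee, now))
            return False
        if now >= g.expires_at:
            del self.grants[(owner, grantee)]  # expired grants cannot be reused
            self.audit.append(("expired", owner, grantee, now))
            return False
        self.audit.append(("run_as", owner, grantee, now))
        return True


def demo():
    """Walk the lifecycle with constructed identities; returns the decisions
    taken and the audit event names, in order."""
    t0 = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
    store = ImpersonationGrants()
    before = store.can_run_as("alice", "support-agent", t0)                       # no grant yet
    store.grant("alice", "support-agent", timedelta(hours=2), t0)                 # alice opens 2h window
    during = store.can_run_as("alice", "support-agent", t0 + timedelta(minutes=30))
    other = store.can_run_as("bob", "support-agent", t0 + timedelta(minutes=30))  # bob never granted
    after = store.can_run_as("alice", "support-agent", t0 + timedelta(hours=2))   # window closed
    return (before, during, other, after), [e[0] for e in store.audit]


def rejects_overlong_grant() -> bool:
    """A 48-hour request must be refused by the cap."""
    try:
        ImpersonationGrants().grant("alice", "support-agent", timedelta(hours=48),
                                    datetime(2024, 1, 1, tzinfo=timezone.utc))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    decisions, events = demo()
    print("decisions:", decisions)
    print("audit:", events)
```

Exposing `grant` and `revoke` through an API, as the post asks, is what would let an app owner offer the same consent flow to end users who never see the platform's admin panel; the `audit` list is the piece an insurer or auditor would ask for when a support login is questioned.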

Really…nobody has any opinion on this? Where is the Bubble team on this issue?

I think Run As mode only works in the development version?

It works in production as well.