Password protect certain apps

Some apps could deploy something to production, being logged into bitrise may be too poor security wise… it would be great for just one more layer of protection to confirm the running/editing of a step.

Great idea, thanks @streaka for creating a #feature-request! :slight_smile:

Just a quesion: which parts would you like to password protect / which pages or functionality? Or the whole app access?

P.S.: don’t forget to vote on it! :wink:

I think multiple levels is useful, but the most critical one I believe would be the actual running of the step, as that’s really something that would at least get the user to think twice.

Can you please provide a bit more information, what’s not possible right now?

Every app can have unique access settings, which you can configure on the Team tab of the app. You can specify users & what level of access they should have on that specific app, as well as Groups in case the owner is an Organization.

Can you clarify a bit what use case(s) are missing, what’s not possible to configure right now?

Just ensuring that if an app with a deploy to production workflow is triggered, there’s an extra step (even a confirmation dialog) to ask if the person doing it is positive they want to do it

Wouldn’t it be easier / more secure to not even grant them that permission? E.g. to have that person as a QA/Tester user for the App (Team tab), so that they can’t trigger the build at all?