Baserow 1.13: Role-based access control (RBAC) and SSO

We are thrilled to announce the release of Baserow 1.13 and introduce two new security features as part of Baserow Enterprise: role-based access control (RBAC) and single sign-on (SSO)!

The new enterprise version was designed to meet the needs of large organizations, making Baserow even more secure and flexible. It includes advanced user management to enhance data protection and privacy requirements.

Baserow Enterprise is now available for Baserow Self-Hosted. For Baserow Cloud, RBAC is included in the Advanced plan.

Baserow Enterprise’s key capabilities:

Role-based access control (RBAC): Baserow RBAC enables teams to manage complex access protocols, such as determining who has access to data and resources and what actions they can perform. RBAC is also available for Baserow Cloud users under the Advanced plan.

Single sign-on (SSO): Baserow now integrates with any third-party SSO provider using SAML, allowing you to control who can log in without requiring them to sign up separately for Baserow.

Role-based access Control (RBAC)

enter image description here

Role-based access control allows you to restrict access to your data by assigning roles to individual group members. In this initial release, roles apply to the entire group, but soon you will also be able to assign roles to specific tables and databases.

For example, if you want to invite someone to your Baserow group but only allow them to view your tables and databases, you can now invite them as a “Viewer.”

What can you do with Baserow RBAC?

On the new Members page, you can assign the following roles to group members: Admin, Builder, Editor, Commenter, and Viewer. Here is an overview of what each role allows:

Viewer: Can only read databases, tables, views, fields, cells, comments, and trash.

Commenter: Can do everything a Viewer can do, including viewing and writing row comments.

Editor: Can do everything a Commenter can do, plus edit cell values and create/delete rows in tables.

Builder: Can do everything an Editor can do, plus create/edit fields, tables, views, and databases.

Admin: Can do everything a Builder can do, plus invite group members, manage their permissions, and handle licenses, subscriptions, and site-wide settings.

For a detailed breakdown of each role’s capabilities, refer to the RBAC documentation.

How admins can use RBAC

Roles provide organizations with more flexibility in granting permissions to members. Admins can:

Invite members: You can invite new members to the group via email and select their role upon joining.

Grant and remove roles: On the new Members page, you can control the role assigned to each user in your group.

Delete members: You can remove any member from the group by deleting them from the list.

Create and manage teams (coming soon): Teams will allow you to assign a role to multiple users at once, without manually assigning roles individually.

Roles on database and table level (coming soon): Database and table-level permissions will enable you to grant roles for specific databases or tables. For example, you can give a user the “Viewer” role for a database but the “Builder” role for a particular table.

Create/edit a custom role (coming soon): Custom roles are useful for members who have different responsibilities within an organization and require access to various groups and data points. We plan to add this functionality in the next Baserow release.

Single sign-on (SSO)

enter image description here

Single sign-on (SSO) allows users to log in once with their credentials and gain access to all corporate apps, websites, and data they are authorized to use.

Which SSO protocols are supported in Baserow?

enter image description here

SAML SSO

Security Assertion Markup Language (SAML) is a security standard for authentication and access management. With SAML SSO, members log in to their Baserow organization using the organization’s identity provider.

Baserow supports dedicated integrations with the following identity providers:

  • Setting up SSO for Okta
  • Setting up SSO for OneLogin

OAuth 2 SSO

The OAuth2 protocol provides secure delegated access without sharing credentials. It allows users to grant access to their resources hosted by a service provider (e.g., Facebook) without disclosing their credentials. OAuth2 acts as an intermediary, providing the service with an access token that authorizes specific account information to be shared.

  • Setting up SSO with Google
  • Setting up SSO for Facebook
  • Setting up SSO for GitHub
  • Setting up SSO for GitLab

OpenID Connect SSO

OpenID Connect is an identity layer built on top of the OAuth 2.0 protocol. Its purpose is to provide a single login for multiple sites. With OpenID Connect support, Baserow users can now use any service that supports this protocol to log in to the tool.

  • Setting up SSO for OpenID Connect

New integrations

We’re thrilled to announce that our integration with Make is now live! Make (formerly Integromat) is an automation platform that seamlessly integrates with over 1000 apps, including Baserow. With Make, you can easily create, build, and automate workflows using a visual interface.

We know our community has been eagerly anticipating this integration, and we couldn’t be happier to bring it to you today. Check it out here: Make Integration.

Baserow is now available in Polish

Dzien dobry!

Thanks to the efforts of our community member, Piotr, Baserow is now available in Polish. We want to express our gratitude for Piotr’s hard work in translating the platform.

To set up your language: go to Settings → Interface Language.

New templates

We’ve added a variety of new templates and made improvements to existing ones. Stay up-to-date with the latest updates on our Templates page.

New roadmap

Let’s make Baserow work for you!

We are constantly working to make Baserow the ultimate tool for organizing your data. Your feedback is invaluable in helping us prioritize features for our upcoming milestones as we develop a new product roadmap.

To help us make Baserow the best it can be, we kindly request your feedback today. Please take just 2 minutes to fill out our survey: Baserow Feedback Survey.

Community updates

Code contributions

Today we want to thank Abdalla Mahmoud for contributing ’Switched click outside handling in modals and contexts to mousedown rather than click event’ and fixing ‘Slug rotation for GalleryView’. Abdalla, your enthusiasm is highly appreciated 💙

We extend another heartfelt thank you to Abin Joseph for identifying and alerting us to an open redirect bug on our login page. We’ve promptly rectified this issue, thanks to Abin’s astute observation. Your invaluable contribution is greatly appreciated, Abin!

Tutorials

We’re in awe of the comprehensive tutorials crafted by Claudio Balbino (Vamos Automatizar)! For our Portuguese-speaking users, we present new videos demonstrating how Baserow can be harnessed to automate tasks in conjunction with n8n. Enjoy your viewing!

Claudio, thank you for your big support!

Tips & tricks

We are delighted to see an increasing level of engagement in the Tips & Tricks section in the community forum. We would like to give special recognition to bfranklink for consistently sharing their valuable insights and discoveries.

Sharing is caring, and we truly care about one another here. So please don’t hesitate to share your tips, life hacks, techniques, or workarounds — let’s help each other grow.

Made with Baserow

Language translation

Luc W, our community member, created an amazing plugin on top of Baserow—this plugin introduces very powerful language translation capabilities.

“My goal was to develop a collaborative spreadsheet specialized on language learning. Building from scratch would have been fun. But using Baserow allowed me to put together a prototype in weeks. The documentation is outstanding. You can build your business logic on top of baserow and not be worried about being limited somehow due to its open source nature. I’ve got everything working exactly how I wanted it, with very little code, and almost no front-end code. Really happy with baserow and the plugin system.”, Luc W.

More details on the plugin can be found here.

A lightweight spreadsheet

We also want to share another great project Data Blaze Beta! that was built on top of Baserow by the company Blaze. Just have a look at how far you can go while using an open-source project that is built with extensibility at its core.

All changes, including bug fixes

  • Background pending tasks like duplication and template_install are restored in a new frontend session if unfinished.
  • Added Zapier integration code.
  • Made it possible to filter on the created_on and updated_on columns, even though they’re not exposed via fields.
  • Expose read_only in the list fields endpoint.
  • Made it possible to add additional signup steps via plugins.
  • Added an option to remove the Baserow logo from your public view.
  • Always allow the cover image of a gallery view to be accessible by a public view.
  • Added the ability to double click a grid field name so that quick edits can be made.
  • Upgraded docker containers base images from debian:buster-slim to the latest stable debian:bullseye-slim.
  • Upgraded python version from python-3.7.16 to python-3.9.2.
  • Added SAML protocol implementation for Single Sign On as an enterprise feature.
  • Added OAuth2 support for Single Sign On with Google, Facebook, GitHub, and GitLab as preconfigured providers. Added general support for OpenID Connect.
  • Fixed bug where it was not possible to select text in a selected and editing cell in Chrome.
  • Fixed bug where the row metadata was not updated when receiving a realtime event.
  • Duplicating a table with a removed single select option value no longer results in an error.
  • Selecting text in models, contexts, form fields and grid view cells no longer unselects when releasing the mouse outside.
  • Fixed slug rotation for GalleryView.

What’s next?

Release 1.13 marks a significant milestone in the Baserow roadmap! As we move forward, our dedicated product team will be strategizing the next steps for feature development, while our talented developers focus on resolving any outstanding issues and bugs from the backlog. We kindly invite you to participate in a survey to provide valuable product insights that will shape our future roadmap according to your preferences. Please take a moment to complete the survey here.

If you have any questions about the latest updates or anything else, please don’t hesitate to ask. Feel free to leave your inquiries in our official community forum, where our team is always happy to assist you!