Summary: Ability to control dashboard sharing, with disabled as default setting
Description: Was in training just now and went through dashboard sharing. One thing concerns me that I believe needs to be changed.
Sharing is enabled by default with what seems to be no rotation of token.
The functionality for sharing itself is fine but should be optional, with sharing disabled by default.
- Dashboard sharing should be disabled on all dashboards by default
- The ability to change token should remain
- There should be an option to disabled sharing afterward
- Ideally there should be a place to view dashboards or items that have sharing enabled
The data we have in dashboards can be sensitive, especially when it’s tied to a client, so I would like to request this functionality be improved as described above.
Why: Security and privacy issue.
thanks for your feedback.
- dashboard sharing is disabled by default. if you do not share the link to others, the URL is useless. and also click “revoke token”, the old URL will be stopped.
- We will also put your fourth suggestion(view shared dashboards) in the development queue
dashboard sharing is disabled by default. if you do not share the link to others, the URL is useless.
This is misleading. The URL isn’t useless, it’s simply not “known” at that time.
What I’m saying is that I would rather opt-in to sharing a dashboard, rather than the current situation which is “shared” but with unknown token.
This is like openly sharing an authenticated service, setting up thousands of users (# of MSP * dashboards), never expiring their passwords, and hoping it’s never exploited. It’s only a matter of time, whereas enabling opt-in for sharing on a per-dashboard basis limits the exposure and allows the MSP to choose which data is at risk of potential exposure.
We will also put your fourth suggestion(view shared dashboards) in the development queue
This is fine, but would only work if sharing could be disabled/enabled. Please ensure the entire feature request is put forward.