You are currently viewing the new Beta Editor Docs.
Switch to the Classic Editor Docs
You are currently viewing the Classic Editor Docs.
Switch to the Beta Editor Docs

Uplink Security

Sharing

Whoever you share the text of your server Uplink key with will have the same access to your app. So be careful if you are releasing your code online or sharing it outside your organisation. You may want to modify your scripts to remove lines with the plain text of the Uplink key:

anvil.server.connect("<your Uplink key>")

You can instead read the key in from a file or an environment variable, and .gitignore any file you use to set the key locally. That way it is not shared with people you don’t trust fully. For instance:

with open("<file with secret uplink key in first line>", 'r') as fin:
  uplink_key = fin.read().strip()

anvil.server.connect(uplink_key)

If you are concerned about the security of a system you want to connect with Uplink, consider using Client Uplink. It has the same privileges as client-side code. It cannot access Data Tables unless they have been set to client-accessible, and it cannot register server functions. It can still call server functions, which allows you to selectively expose functionality by writing server functions that perform only the operations you’re willing to expose.

You can use both Server and Client keys at the same time, from different Uplink scripts.

Development vs. Published apps

If your app has been published, you have two Uplink keys:

Part of the Uplink dialog, where you can select development or published versions of the Uplink key.

The Uplink key ending in “-DEV” connects to the “development” version of your app. The Uplink key that doesn’t end in “-DEV” connects to the “published” version of your app.

To check whether your Uplink is connected to the development or published version of your app, you can use anvil.app.branch, which will tell you whether you’re on master (development) or published (published).

If you start with an “unpublished” app, and then publish a version of your app while you have an Uplink connected, it’s good practice to reconnect your uplink, which will cause it to reconnect to the “published” branch.

Where your app will look for server functions depends on the version of your app your Uplink is connected to, and the version of your app that’s calling your server functions.

App running in development

An app running in development will look for server functions in these locations, in the following order:

  1. Uplink connected to “development” version
  2. Uplink connected to “published” version
  3. Server Modules

If your Uplink is connected to the “published” version of your app, your uplink will also receive server calls from the “development” version if those server functions aren’t registered on an Uplink connected to the “development” version of your app.

Published app running

A live, published app will look for server functions in these locations, in the following order:

  1. Uplink connected to “published” version
  2. Server Modules

If your Uplink is connected to the “development” version of your app, your Uplink will not receive any server calls from the “published” version of your app.

Multiple Deployment Environments

If you’re using more than one deployment environment (for example separate “testing” and “release” versions), your app has different uplink keys for each environment.

This means that, for example, you can connect untested Uplink code to a “testing” environment without affecting the behaviour of the “release” app.

Sometimes, though, you want to define @anvil.server.callable functions and make them available to any environment. For example, you might have an Uplink function that queries a local database, and you don’t want to run a new instance of that Uplink script for every environment.

For these cases, you can select Share Uplink with other environments in the Uplink or Publish dialog:

The 'Share Uplink with other environments' checkbox

This option only affects Server Uplinks, because Client Uplinks cannot define server functions.

Uplink functions can be called from your app’s dependencies.

That is to say, if you define server functions for your app with @anvil.server.callable, and another application uses your app as a dependency, that app can also call these server functions.

If you select Share Uplink with other environments, then Uplink functions can be called from your app’s dependencies.

That is to say, if you define server functions for your app with @anvil.server.callable, and another application uses your app as a dependency, and you have enabled uplink sharing, then that app can also call these server functions.

When your app makes an anvil.server.call(), it will look for server functions in these locations, in the following order:

  1. Uplink connected to this environment
  2. Shared Uplinks in other environments of this app
  3. Shared Uplinks in dependency apps
  4. Server Modules