News & Announcements
Introducing More Granular Site Access Control for Improved Security
Netlify now provides more granular access control for your sites, allowing you to restrict access to sites in both their production and non-production environments. This access control is supported by single sign-on (SSO), providing teams with extra security and confidence when managing access.
What is site access control?
Sites and applications sometimes use user-based permissions for personalized content or access to privileged locations within the site. Netlify can help with role-based access control and user authentication for sites and applications that need functionality like this. But there are also times we need to place an entire site behind a gate so that only those authorized can visit it at all.
Site Access Control offers this ability.
This can be very useful for sites which are either always intended to remain exclusively private to a group of people, or for restricting access to sites or versions of sites that are in development and undergoing testing and approvals.
Netlify has offered this ability for any site on a pricing plan above the free starter tier via Basic authentication for many years. Now there is also a richer option ideal for teams and organizations.
The basic authentication challenge screen on a protected Netlify site
SSO (single sign-on) better than basic auth for teams and organizations
Basic auth allows for securing access to an entire site via a single shared password. For many scenarios this is precisely what is required (and historically a very common feature request). But in the case of teams and organizations needing to lock down access to their sites, a single shared password does not scale well. People leave teams. The need to revoke access for individuals arises. An organization needs extra security and confidence when managing access.
For this reason, Netlify now also supports site Access Control based on SSO and team membership. Access to sites can be secured, granted, and revoked for entire teams through association with their single sign-on domain or team membership.
The team and SSO challenge screen on a protected Netlify site
Configuring and scoping site access
For extra flexibility, site access control allows administrators to restrict or grant access to sites based on their environment. Choose to restrict access to all deploys (including Branch Deploys and Deploy Previews) or allow anyone to visit the production version of your site, while restricting access to non-production deploys of your site so that iterations and developments can be more confidently developed in private.
Pricing and information
The ability to create sites secured behind Access Control options is available on the all pricing plans from Pro and above. You can find more information on detailed configuration in our docs site.