Add a parameter to restrict dashboard sharing per role or globally

Hello !

Despite enforcing SAML-based authentication for all users, we notice that it’s still common for users to abuse the “share” button in order to generate public permanent URLs to any dashboard. As a result, company employees don’t even authenticate to Redash because if someone share a public URL, they don’t need to ever authenticate, at worst anyone outside of the company could access our data just by having a link.

If we cannot prevent generation of public URLs, then cannot control who access the data and it becomes a security issue.
Is there already an option to disable the dashboard sharing feature or restrict it to some users/roles ?

Thanks ! :wink: