13 Content Management

RStudio Connect provides flexibility over how uploaded content is configured and shared.

13.1 Sharing Settings

Each deployment in RStudio Connect can have specific access controls which specify which users are allowed to view and/or edit that content.

13.1.1 Collaborators

The list of collaborators enumerates the users allowed to edit and help manage the settings for a given deployment. The content owner is always included as a collaborator. Collaborators must be either “publisher” or “administrator” accounts.

13.1.2 Viewers

A viewer is able to view content. Any type of account can be made a viewer for a given piece of content. Choose from the following options.

Anyone - no login required

Any visitor to RStudio Connect will be able to view this content. This includes anonymous users who are not authenticated with the system.

All users - login required

All RStudio Connect accounts are permitted to view this content.

Specific users or groups

Specific users (or groups of users) are allowed to view this content. Other users will not have access.


Only the owner of this content is able to view this content. Limiting allowed viewership

Some organizations want to restrict the types of access that publishers and administrators can assign to content.

The settings Applications.MostPermissiveAccessType and Applications.AdminMostPermissiveAccessType limit the viewership options allowed to publishers and administrators, respectively.

These settings take the following values:


The most permissive access type. Allows all viewership permissions.


Permits only logged-in viewership options. This includes allowing the content owner and specific users and groups.


Content must explicitly enumerate specific users and groups.

There is not an access type that only allows the owner to view the content. Owner-only access is implemented as an empty access control list (ACL).

The following example permits publishers to constrain viewership through access control lists while allowing administrators to configure any access type.

MostPermissiveAccessType = acl
AdminMostPermissiveAccessType = all

This next example prohibits content from being given unconstrained viewership. The restriction applies to both publishers and administrators.

MostPermissiveAccessType = logged_in

The access type of existing content is not automatically altered. The two access type settings limit which permissions may be given to content. This restriction is enforced when content is created or modified.

13.2 Vanity Paths

All content receives a URL that includes its numerical ID at at the time of deployment – something like https://rsc.company.org/connect/#/apps/982. Connect administrative users can create “vanity paths” for content which make the content available at an additional, customized URL.

This setting can be found at the bottom of the “Access” tab when editing a piece of content. There you can enter the path at which you want this content to be available and preview the complete URL. Once you “Save” your content, you’ll be able to access your content at the new vanity URL.

Vanity URLs can not be nested inside of one another. So if a vanity URL /finance/ already exists, you would not be able to create a new vanity URL at /finance/budget/. You may create sibling paths: /finance/budget/ and /finance/quarterly/ may both exist concurrently.

13.3 Tags

You can use tags to organize content and make it easy for users to find content that they’re interested in. To begin, create a tag schema in the “Tags” section of the Admin dashboard by creating one or more tag categories. Define some tags, which can be nested any number of levels deep.

For example, if your data scientists are creating reports covering different geographical areas, you could create a category called “Geographical Area”. Then, you could create tags such as “Americas” or “Asia” and nest the tags “North America” and “South America” under “Americas”.

Only administrators can create and edit the tag schema. Categories and tags can be added, deleted, and renamed. Once a tag or category is deleted, all tags nested under it are also deleted.

Collaborators can associate content with one or more tags in the “Tags” tab of the content settings sidebar. Users can filter by tags to discover content, as long as they have permission to view that content.

For example, if multiple reports analyze the same set of data, those reports could be tagged with some identifier, such as “FY2016 Q3” for the third quarter of the 2016 fiscal year. A report that analyzes the third and fourth quarter could be tagged with “FY2016 Q3” and “FY2016 Q4”, and would appear when a user filters for either “FY2016 Q3” or “FY2016 Q4”.

13.4 Bundle Management

Content published to RStudio Connect is encapsulated in a “bundle” that contains the source code and data necessary to execute the content. An application or report is updated by uploading a new bundle. Old bundles are retained on disk until you reach the limit imposed by Applications.BundleRetentionLimit at which point older bundles will be deleted.

Users can manage their own bundles in the dashboard by clicking the “Source Versions” button. Collaborators can delete, download, activate, and view activation logs for their applications’ bundles. Activating a different bundle is a way of “rolling back” or “rolling forward” to an older or newer version of your application, respectively.

Activating an alternative bundle for a Shiny application will cause new incoming users to be directed to the new version of the application but will not interrupt existing users of the application who are viewing the previously activated bundle. For reports, activating an alternate bundle will immediately render the newly activated bundle and promote it to be the authoritative version of that document. For parameterized reports, only the default variant will be rerendered; other instances of the report will not automatically be regenerated, but the next manual or scheduled update will be performed on the newly selected bundle.

When Activating an alternative bundle for a Plumber API, existing requests will be serviced by processes already launched running the old code. New requests will be serviced by new processes running the new code.

13.5 API Keys

RStudio Connect allows users to access hosted content outside the web browser by utilizing API Keys - e.g. via shell scripts. API Keys are enabled by default. To change this behavior please see Section 13.5.2.

13.5.1 How this Works

API Keys are associated with user accounts. They provide roughly the same level of access to RStudio Connect as a user logged in via the browser would have.

If a user has a compromised API Key, the Key should be deleted as soon as possible. The administrator may wish to lock the account if the user is having difficulty deleting the API Key.

To retrieve static content or to invoke Plumber endpoints via API Keys an HTTP request must be made to the target URL of the published content. The request must contain an HTTP header whose key is Authorization and value is set to Key API_KEY.

Authorization: Key ABCDEFGHIJKLMNO

API Keys have the same authorization access levels as the user that owns them. Someone who uses an API Key will be able to view all content that the owner of the API Key has access to. API Keys are shared secrets and as such they should be stored securely and only be given to trusted applications. It is advisable that content requests be made securely over HTTPS. If a user believes that an API Key has been compromised, they can revoke just that key by deleting it.

For more details regarding API Keys please see the API Keys section in the User Guide.

To learn how to configure RStudio Connect to listen for HTTPS requests please see Section A.4.

13.5.2 Configuring API Keys

To disallow API Keys, set Authentication.APIKeyAuth to false.

APIKeyAuth = false