Preview URLs are reachable on the public internet by default. For internal apps, half-baked features, or anything you don’t want strangers stumbling onto, configure preview auth. Auth is per-repo: every preview from that repo gets the same auth treatment. The setting is snapshot-frozen at deploy time, so changing it after a deploy has gone out doesn’t retroactively unprotect (or protect) it.

Three methods

You can enable any combination of the three.

Shared token

A single static token, shared across every deployment from the repo. Reviewers paste the token at the signin page; the gate sets a signed cookie scoped to your apps domain so they don’t need to paste it on every page. Good for: small reviewer pools, fast setup, “team can read”. To rotate, click Rotate token on the repo’s preview-auth page. The old token stops working immediately; live deployments don’t need to be redeployed.

GitHub org auth

Reviewers sign in with GitHub. The gate checks that the GitHub user is a member of a specific GitHub organization (typically the same org that owns the repo). Good for: granular access tied to GitHub team membership, no token rotation, audit trail of who viewed what.

Per-deployment token

A fresh token is generated for every deployment. The token is shown once on the deployment detail page (encrypted at rest, decrypted on view). Reviewers need to grab it from the deployment page to access that specific preview. Good for: tight blast radius, “this token only opens this one PR’s preview”.

Configure for a repo

Under /{slug}/repos/{id}/preview-auth:
  1. Toggle on the methods you want enabled.
  2. For shared-token mode: click Generate token and reveal it once. Share it with reviewers.
  3. For GitHub org auth: enter the GitHub org login that grants access.
  4. For per-deployment-token mode: toggle the per-deployment switch. Tokens are generated automatically on each deploy.
Save. The change applies to future deploys only — existing healthy deployments keep their snapshot.

What’s enforced at the Ingress

When preview auth is on for a deployment, slipway stamps nginx.ingress.kubernetes.io/auth-url and auth-signin annotations onto every public-port Ingress. nginx-ingress forwards every request to the auth-check endpoint; unauthenticated browsers are redirected to a themed signin page. The auth check is short-circuited on the hot path — for an already-signed-in cookie, the check returns in single-digit milliseconds.
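Because the setting is snapshot-frozen, a preview deployed before auth was enabled stays ungated until it is redeployed. The following audit is an added example, not slipway's own code: it reads the output of `kubectl get ingress -o json` and flags Ingresses missing the annotations named above. The function names and the sample Ingress names, namespace and URLs are constructed for illustration.

```python
import json
import sys

PREFIX = "nginx.ingress.kubernetes.io/"
AUTH_URL = PREFIX + "auth-url"        # ingress-nginx sends each request here first
AUTH_SIGNIN = PREFIX + "auth-signin"  # where a 401 from that check is redirected

def audit_ingresses(doc):
    """Classify every Ingress in a `kubectl get ingress -o json` document.
    Returns {"namespace/name": status}:
      gated        both annotations present
      no-redirect  auth-url only: checked, but browsers get a bare 401
      OPEN         no auth-url: nothing is checked, even if auth-signin is set
    """
    report = {}
    for item in doc.get("items", []):
        meta = item.get("metadata", {})
        ann = meta.get("annotations") or {}
        key = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
        has_url = bool((ann.get(AUTH_URL) or "").strip())
        has_signin = bool((ann.get(AUTH_SIGNIN) or "").strip())
        if not has_url:
            report[key] = "OPEN"
        else:
            report[key] = "gated" if has_signin else "no-redirect"
    return report

def open_ingresses(doc):
    """Names of Ingresses that serve traffic without any auth check."""
    return sorted(k for k, v in audit_ingresses(doc).items() if v == "OPEN")

def _ing(name, **ann):
    # Helper for the constructed sample below; keyword '_' stands for '-'.
    return {"metadata": {"name": name, "namespace": "previews", "annotations":
            {PREFIX + k.replace("_", "-"): v for k, v in ann.items()}}}

# Constructed sample: names, namespace and URLs are made up for illustration.
SAMPLE = {"items": [
    _ing("pr-101-web", auth_url="https://gate.example/check",
         auth_signin="https://gate.example/signin"),
    _ing("pr-98-web"),  # deployed before auth was switched on
    _ing("pr-99-api", auth_signin="https://gate.example/signin"),
    _ing("pr-100-web", auth_url="https://gate.example/check"),
]}

if __name__ == "__main__":
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    for name, status in sorted(audit_ingresses(doc).items()):
        print(f"{status:12}{name}")
```

Save the `kubectl` output to a file and pass its path as the first argument; with no argument the script runs on the constructed sample.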

Disabling auth

Turn every method off in the repo’s preview-auth page. Future deploys won’t carry auth annotations on their Ingresses. Existing healthy deployments keep their snapshot — redeploy if you want to drop auth from a live preview.

Limitations

  • Auth is per-repo, not per-service. If a repo has multiple public services, they all share the same auth gate.
  • The signin cookie is scoped to your apps domain. Cross-domain previews (one app deployed under the default apps domain, another under a custom domain) require separate signins.