Content Management

Posit Connect provides flexibility over how uploaded content is configured and shared.

Sharing Settings

Each deployment in Posit Connect can have specific access controls which specify which users are allowed to view and/or edit that content.


The list of collaborators enumerates the users allowed to edit and help manage the settings for a given deployment. The content owner is always included as a collaborator. Collaborators must have either publisher or administrator accounts.


A viewer is able to view content. Any type of account can be made a viewer for a given piece of content. Choose from the following options.

Anyone - no login required

Any visitor to Posit Connect can view this content. This includes anonymous users who are not authenticated with the system.

Use of this option may be restricted by your product license.

All users - login required

All Posit Connect accounts are permitted to view this content.

Specific users or groups

Specific users (or groups of users) are allowed to view this content. Other users do not have access.


Your Posit Connect license may restrict which visibility options are available to your content.

Limiting allowed viewership

Some organizations want to restrict the types of access that publishers and administrators can assign to content.

The settings Applications.MostPermissiveAccessType and Applications.AdminMostPermissiveAccessType limit the viewership options allowed to publishers and administrators, respectively.

These settings take the following values:


The most permissive access type. Allows all viewership permissions.


Permits only logged-in viewership options. This includes allowing the content owner and specific users and groups.


Content must explicitly enumerate specific users and groups.


There is not an access type that only allows the owner to view the content. Owner-only access is implemented as an empty access control list (ACL).

The following example requires publishers to constrain viewership by enumerating specific users and groups in access control lists. Publishers cannot grant access to all logged-in users or to anonymous, unauthenticated users. Administrators are allowed to configure any access type.

These values can be helpful to avoid accidentally exposing content too widely, while still allowing select individuals to publicize approved content.

; /etc/rstudio-connect/rstudio-connect.gcfg
MostPermissiveAccessType = acl
AdminMostPermissiveAccessType = all

This next example prohibits content from being given unconstrained viewership. Content cannot be configured to allow anonymous, unauthenticated access. The restriction applies to both publishers and administrators.

Use this configuration when you want to require user login before accessing any content on Posit Connect.

; /etc/rstudio-connect/rstudio-connect.gcfg
MostPermissiveAccessType = logged_in

The access type of existing content is not automatically altered. The two access type settings limit which permissions can be given to content. This restriction is only enforced when content is created or modified.

Transferring Content

Content ownership can be transferred between user accounts, including from locked users. For more information, see the Update Content Ownership section of the Posit Connect API Cookbook and the Update Content section of the Posit Connect API Reference.

Vanity Paths

All content receives a URL that includes its globally unique ID at at the time of deployment – something like Connect administrative users can create additional, customized vanity paths for content.

This setting can be found at the bottom of the Access tab when editing a piece of content. There you can enter the path at which you want this content to be available and preview the complete URL. Once you save your content, you can access your content at the new vanity URL.


By default, publishers can manage vanity paths for content items they own and collaborate on. To restrict this to admins only, set the Authorization.PublishersCanManageVanities configuration to false.

Vanity path restrictions

Vanity URLs cannot be nested inside of one another. So, if a vanity URL /finance/ already exists, you cannot create a new vanity URL at /finance/budget/. Sibling paths, such as: /finance/budget/ and /finance/quarterly/ can both exist concurrently.

Vanity URLs can include only alphanumeric characters, hyphens, underscores, and slashes.

The following path prefixes are prohibited in vanity URLs:

  • /__
  • /favicon.ico
  • /connect
  • /apps
  • /users
  • /groups
  • /setpassword
  • /user-completion
  • /confirm
  • /recent
  • /reports
  • /plots
  • /unpublished
  • /settings
  • /metrics
  • /tokens
  • /help
  • /login
  • /welcome
  • /register
  • /resetpassword
  • /content
  • The custom location for the Connect dashboard, configured by Server.DashboardPath.


You can use tags to organize content and make it easy for users to find content that they’re interested in. To begin, create a tag schema in the Tags section of the Connect dashboard (from the Admin page, click the Tags tab) by creating one or more tag categories. Define some tags, which can be nested any number of levels deep.

For example, if your data scientists are creating reports covering different geographical areas, you can create a category called “Geographical Area.” Then, you can create tags such as “Americas” or “Asia” and nest the tags “North America” and “South America” under “Americas.”

Only administrators can create and edit the tag schema. Categories and tags can be added, deleted, and renamed. Tags are ordered by creation time and cannot be re-ordered once they are created. Once a tag or category is deleted, all tags nested under it are also deleted.

Collaborators can associate content with one or more tags in the Tags tab of the content settings sidebar. Users can filter by tags to discover content, as long as they have permission to view that content.

For example, if multiple reports analyze the same set of data, those reports can be tagged with some identifier, such as “FY2016 Q3,” for the third quarter of the 2016 fiscal year. A report that analyzes the third and fourth quarter can be tagged with “FY2016 Q3” and “FY2016 Q4,” and appear when a user filters for either “FY2016 Q3” or “FY2016 Q4.”

Bundle Management

Content published to Posit Connect is encapsulated in a bundle that contains the source code and data necessary to execute the content. An application or report is updated by uploading a new bundle. Old bundles are retained on disk until you reach the limit imposed by Applications.BundleRetentionLimit at which point older bundles are deleted. You can adjust Applications.BundleRetentionLimit to retain fewer bundles in order to free up disk space.

Users can manage their own bundles in the Connect dashboard by clicking the Source Versions button. Collaborators can delete, download, activate, and view activation logs for their applications’ bundles. Activating a different bundle is a way of rolling back or rolling forward to an older or newer version of your application, respectively. For more information, see the Source Versions section of the Posit Connect User Guide.

Activating an alternative bundle for a Shiny, PyShiny, Bokeh, or Streamlit application causes new incoming users to be directed to the new version of the application. This does not interrupt existing users of the application who are viewing the previously activated bundle. For reports, activating an alternate bundle immediately renders the newly activated bundle and promote it to be the authoritative version of that document. For parameterized reports, only the default variant is rerendered. Other instances of the report are not automatically regenerated, but the next manual or scheduled update is performed on the newly selected bundle.

When activating an alternative bundle for an API, existing requests are serviced by processes already launched running the old code. New requests are serviced by new processes running the new code.

Content Images

Once content has been published to Posit Connect, the publisher can open the Info tab in the Application Settings pane and upload an image to be associated with the content.

  • Application images are stored in the server’s data directory.

  • Application images can be viewed by anyone with permission to view the associated content.

  • Administrators cannot view images associated with content that they do not have access to. However, all administrators may change the visibility mode, or add themselves to the viewer list, for any piece of content. This ensures that the Administrator’s act of giving themselves viewer privileges can be tracked in the server’s audit logs.

  • Posit Connect rejects uploads of images larger than the Applications.MaxAppImageSize configuration setting value. By default, the server accepts images up to 10MB in size.

  • Posit Connect does no post-processing. Images are sent back to the user exactly as they were uploaded, and the Posit Connect dashboard makes its best effort to display them in a consistent manner.

  • The Posit Connect dashboard attempts to cache images in an efficient and consistent manner. Every time the image is displayed, the dashboard checks the server for a newer version of the image, and accepts its cached version if a newer image does not exist.