Require authorization for import requests

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Use the glide.basicauth.required.importprocessor property to designate if incoming import requests should require basic authentication.

    The glide.basicauth.required.importprocessor system property performs this authentication while importing data sources into the instance tables/pages.

    It restricts any guest users who are currently accessing this data. If glide.basicauth.required.importprocessor isn't set to the recommended value of true, then unauthenticated users could access import processor. Additional access controls, such as ACLs, are still enforced, but this value allows a guest user import request to be processed and not summarily denied.

    Ensure that the property glide.basicauth.required.importprocessor exists in the System Properties [sys_properties] table and is set to true.

    Warning:
    This is a safe harbor property, meaning the value can't be altered once it's changed. It is non-revertible.

    More information

    Attribute Description
    Configuration name glide.basicauth.required.importprocessor
    Configuration type System Properties (/sys_properties_list.do)
    Data type Boolean
    Recommended value true
    Default value <none>
    Fallback value false
    Category API and web service
    Security risk
    • Severity score: 5.3
    • CVSS rating: Medium
    • Security risk details: This property may allow unauthenticated users to initiate import requests via the import processor, potentially bypassing initial authentication checks and increasing the risk of unauthorized data manipulation despite enforced ACLs.
    Functional impact This remediation enforces a combination of authentication methods, in the form of basic authentication and system level access control.
    • It performs this authentication while importing data sources into the instance tables/pages.
    • It restricts any guest users who are currently accessing this data. If applicable, you may need to create a new account for users who need access to this content, with necessary access control permissions.

    To learn more, see Retrieving data from a CSV formatted file.
    Dependencies and prerequisites None