Back to the Shapespark home page

ShapeSpark Cloud Scene Security

Hi guys,

I have a question about security. We would like to show some scenes to some folks, but we would like to limit access to these and keep a log on who is seeing the models.

Additional questions:

Can we make custom URLs for our scenes? Or are we stuck with the ones that ShapeSpark Cloud generates?

Does Shapespark Cloud have any sort of access control? Can you enable Whitelisting or CORS for iFrames on request?


Standard URL is composed of,
you can change YOUR-SCENE-NAME to include some random characters, so people who don’t know the URL won’t be able to guess it.

‘Plus’ subscription plan also allows for the use of your own domain, in such case the URL is YOUR-CUSTOM-SUBDOMAIN.YOUR-OWN-DOMAIN/YOUR-SCENE-NAME/

Shapespark hosting doesn’t offer any more sophisticated access control mechanism. ‘Plus’ plan and the perpetual license allow for hosting scenes on own server. In this case you fully control the hosting environment and can configure any access control mechanism that you need.

1 Like

HI Jan

Noob here. (Ryan)

have a potential gallery for a bank, and they are asking about online security, just to double check changing the “text” of the link is not really going to work? because once they follow the link they are at the URL anyway.
or am I missing something?

Right, everyone that has a link is able to access the scene, so the idea for confidential scenes is to share the link only with trusted people. For a bank, perhaps hosting on their server could be a better option.

Hi, @my3ideas,
Present this idea to the bank

  1. Let them buy a standard Shapespark license for as long as they require ($49/month).
  2. They give you access to their team, you work everything from your space and then publish to the bank’s cloud.
    That delegates all the security to them.

The concern was more around someone hacking the scene and inserting/changing textures images Ect…

If we got the perpetual licence we could then let them host on their own servers,

The link is read only, it doesn’t allow to modify the stored scene. For the scene modification someone needs to know you password.

This suggestion makes more sense now…


Will get the client to pay for our Perpetual License. :thinking: