Skip to content

docs: JSON credential best practices #1923

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 24, 2025
Merged

docs: JSON credential best practices #1923

merged 1 commit into from
Jan 24, 2025

Conversation

d-goog
Copy link
Collaborator

@d-goog d-goog commented Jan 23, 2025

🦕

@d-goog d-goog requested review from a team as code owners January 23, 2025 23:10
@product-auto-label product-auto-label bot added the size: s Pull request size is small. label Jan 23, 2025
sai-sunder-s
sai-sunder-s approved these changes Jan 24, 2025
View reviewed changes
src/auth/jwtclient.ts
*
* @remarks
*
* **Important**: If you accept a credential configuration (credential JSON/File/Stream) from an external source for authentication to Google Cloud, you must validate it before providing it to any Google API or library. Providing an unvalidated credential configuration to Google APIs can compromise the security of your systems and data. For more information, refer to {@link https://cloud.google.com/docs/authentication/external/externally-sourced-credentials Validate credential configurations from external sources}.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this method is going to allow only Service accounts right?

If so we do not need to warn here. Having it doesn't have any downside though

@sai-sunder-s
Copy link
Contributor

Is there going to be a separate change for the client libs or is this it?

@sai-sunder-s
Copy link
Contributor

Is there going to be a separate change for the client libs or is this it?

I think I got it. GoogleAuthOptions is used in the client libs?

@d-goog
Copy link
Collaborator Author

d-goog commented Jan 24, 2025

Is there going to be a separate change for the client libs or is this it?

This is it; it will automatically propagate down.

Is there going to be a separate change for the client libs or is this it?

I think I got it. GoogleAuthOptions is used in the client libs?

Correct.

@d-goog d-goog merged commit c59f8b4 into main Jan 24, 2025
18 checks passed
@d-goog d-goog deleted the additional-json-cred-warnings branch January 24, 2025 00:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sai-sunder-s sai-sunder-s sai-sunder-s approved these changes

Assignees
No one assigned
Labels
size: s Pull request size is small.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@d-goog @sai-sunder-s