Rodrigo Motta edited this page Oct 22, 2024 · 1 revision
Security Considerations for GithubHttpApp in Google Apps Script
While GithubHttpApp simplifies interacting with the GitHub API, security considerations remain paramount within the Google Apps Script environment.
Token Management:
- Avoid Hardcoding: Do not hardcode your GitHub access token in your script. A token in the source is readable by anyone who can view or copy the script.
- Leverage Script Properties: Employ Google Apps Script's PropertiesService to securely store and retrieve your token. Script properties provide a safe mechanism for managing sensitive data within your script.
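One way to apply both points above, as an added example that is not part of GithubHttpApp or of the original page. It assumes the token was saved once under a script property named GITHUB_TOKEN (a hypothetical key name) and that requests use GitHub's standard Bearer authorization header; it does not call any GithubHttpApp function.

```javascript
// Added example. Assumption: the token was stored once under the script
// property GITHUB_TOKEN (Project Settings > Script properties).
const TOKEN_PROPERTY = 'GITHUB_TOKEN'; // hypothetical key name

/**
 * Reads the token from script properties and fails closed when it is missing.
 * `service` defaults to the Apps Script global; a stub can be passed in tests.
 */
function getGithubToken(service) {
  const svc = service || PropertiesService;
  const token = svc.getScriptProperties().getProperty(TOKEN_PROPERTY);
  if (typeof token !== 'string' || token.trim() === '') {
    throw new Error('Script property ' + TOKEN_PROPERTY + ' is not set');
  }
  return token.trim();
}

/** Builds request headers; the token itself never appears in the source. */
function githubHeaders(service) {
  return {
    Authorization: 'Bearer ' + getGithubToken(service),
    Accept: 'application/vnd.github+json',
  };
}

/** Returns a copy with the Authorization value masked, safe to log. */
function redactHeaders(headers) {
  const copy = Object.assign({}, headers);
  if (copy.Authorization) copy.Authorization = 'Bearer ***redacted***';
  return copy;
}

/** Example call site inside Apps Script (UrlFetchApp is an Apps Script global). */
function fetchAuthenticatedUser() {
  const headers = githubHeaders();
  console.log(JSON.stringify(redactHeaders(headers))); // token never logged
  const res = UrlFetchApp.fetch('https://api.github.com/user', { headers: headers });
  return JSON.parse(res.getContentText());
}
```

Script properties can be read by anyone with edit access to the script project, so this storage only protects the token when access to the script itself is restricted.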
Best Practices:
- Minimize Token Scope: Grant your GitHub token only the minimum permissions your application needs.
- Limit Token Exposure: Restrict access to your script to authorized users and implement proper authentication mechanisms.
- Stay Updated: Keep your script on the latest version of GithubHttpApp to benefit from potential security improvements.