Add notes about keeping keys and tokens secure #70
Conversation
Update the About link to correct the 404 error. Then add a Social Media link to Vectara's Discord channel.
Add doc_meta example and update curl command syntax with single quotes around URL
Update doc_metadata example
Fix example for doc_meta
Updated a few statements based on team discussion around indexing
80 char spacing
Users need to be careful so that they do not accidentally share their keys or tokens in public channels. I added this note to three topics that discuss API keys and OAuth tokens.
✅ Deploy Preview for luxury-shortbread-acee05 ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Updated spacing to resolve conflict
| @@ -16,6 +16,12 @@ having an accidental publication of an over-privileged API key is often | |||
| organizationally "expensive." In general, it's recommended that you use | |||
| [OAuth 2.0](OAuth 2.0) if/where possible for production applications. | |||
|
|
|||
| :::warning | |||
|
|
|||
| :lock: Always keep your API Keys and 0Auth tokens private. Do not share them through email, Slack, Discord, forums, or other public channels because it can lead to unauthorized access. Treat these keys with the same confidentiality as your personal credentials. | |||
There was a problem hiding this comment.
- Can you fix the width of this to ~80 characters?
- It should be OAuth, not 0Auth
| @@ -22,6 +22,12 @@ OAuth 2.0 has several advantages over API keys or simple usernames/passwords: | |||
| - OAuth 2.0 is inherently more tightly scoped than API keys | |||
| - JWT tokens are detected by many security scanning tools, allowing them to more easily be flagged in the case of accidental publication | |||
|
|
|||
| :::warning | |||
|
|
|||
| :lock: Always keep your OAuth tokens private. Do not share them through email, Slack, Discord, forums, or other public channels because it can lead to unauthorized access. Treat these tokens with the same confidentiality as your personal credentials. | |||
There was a problem hiding this comment.
Please wrap fix the width of this one as well
| incremental mode, individual documents or messages are sent to be indexed. In | ||
| a short period of time, generally a few minutes, the new content will become | ||
| available in the search index. | ||
| The indexing service operates by accepting individual documents or messages to be indexed. In a short period of time, generally a few minutes, the new content will become available in the search index. |
Updated wrapping in 3 topics and fixed typo with OAuth
|
Completed changes in latest commit |
|
Thanks, LGTM now! |
|
It's asking me to resolve a conflict (the area where I fixed the wrapping) but it's not letting me do anything when I go to Resolve conflicts. I double-checked my editing tool and the file is not in some pending state, and git status says there is nothing to commit. I suspect it's user error but I am unable to squash and merge. |
|
I just manually re-approved @pwoznic |
Signed-off-by: Shane Connelly <[email protected]>
|
Also, I should have manually fixed the merge. You'll want to update local branch(es). I think what happened here was you issued a PR from your personal GH account/branch, and then you made some edits to |
Signed-off-by: Paul Wozniczka <[email protected]>
Signed-off-by: Paul Wozniczka <[email protected]>
Updated several topics with a note about keeping API Keys and OAuth tokens secure.