Hi, I’m trying this out, and it looks rather cool.
But,
when I go to create a workflow–I just want to be able to convert a Google Sheet to JSON/JS Object–it asks for full RWD permission to my entire Google drive.
NYET!
Am I doing it wrong? It should only ask for read permission. Right?
@edjones Thanks for reaching out and I hear you completely. Right now, we only associate a single set of permissions to an app, so we don’t have a way to define permissions per action. We ask for broad permissions because many users end up writing data to sheets or creating event sources (which require write permissions to create the webhook subscriptions in your Google Drive account). So we need the provided scopes allow you to perform all possible actions in your account.
In the future, we plan to allow users to select custom scopes. We’ll post updates on that issue as soon as we develop that.
Let me know if that helps or if you have any other feedback.
I have been using and enjoying pipedream as a single user subscriber and would like to expand to having some of my team share a workspace. As it stands I don’t see anyway to give team members workspace access without also exposing ALL files in Drive. Please correct me if I’m wrong- seems like a bit of a showstopper as is. Even giving full permissions but specifying folder(s) for it would be much more realistic for us to adopt.
Hi @everyoneishappy, if you work with a team, I would recommend:
- Create a new workspace for your team, separated from your personal workspace. Copy the workflows (by creating shared link) to your new workspace and invite your team member there
- On the new workspace, connect to the Drive account shared by your team (NOT your personal account)
This would help you better manage your accounts and credentials
Thanks for the reply, I’m not sure that this addresses the issue though- using company Drive should still not expose sensitive, restricted or otherwise privileged folders. As I understood pipedream will still request global access regardless of the Drive account type or status.
Notion app is a good example of how it should be setup- you still allow full read/write but choose which material this should be applied to.
@everyoneishappy thanks for sharing your concern and your questions – FYI we are about to release a new feature to enable you to manage access and create private connected accounts, which will enable you to restrict access to your Google Drive account in the same workspace as others. That should be rolling out as soon as this week – stay tuned for an announcement from us!
Notion app is a good example of how it should be setup- you still allow full read/write but choose which material this should be applied to.
I agree Notion provides nice granularity here. Google is starting to roll out similar functionality, and we’re taking a look to see how we’ll be able to support it for users as well!
1 Like