Add readme steps for private_key secret provider

evidence-dev · Nov 16, 2024 · f227c31 · f227c31
1 parent 960d1e1
commit f227c31
Showing 1 changed file with 16 additions and 3 deletions.
diff --git a/docs/pages/index.md b/docs/pages/index.md
@@ -39,6 +39,15 @@ CREATE SECRET (
     PROVIDER access_token, 
     TOKEN '<your_token>'
 );
+
+-- OR create a non-expiring JSON secret with your Google API private key 
+-- (This enables use in non-interactive workflows like data pipelines)
+-- (see "Getting a Google API Access Private Key" below)
+CREATE SECRET (
+    TYPE gsheet, 
+    PROVIDER private_key, 
+    FILENAME '<path_to_JSON_file_with_private_key>'
+);
 ```
 
 ### Read
@@ -107,10 +116,14 @@ This token will periodically expire - you can re-run the above command again to
 
 Follow steps 1-9 above to get a JSON file with your private key inside.
 
-Use the value in the `"private_key"` field as the `SECRET` parameter.
-It will be in the format `-----BEGIN PRIVATE KEY-----\n ... -----END PRIVATE KEY-----\n`
+Include the path to the file as the `FILENAME` parameter when creating a secret.
+The recommendation is to use an absolute path, not a relative one, and to store it in the `~/.duckdb` folder.
+You will need to be able to access this file while querying GSheets (its content are not persisted. Later versions of this extension may enable that.)
+Ex: `CREATE SECRET (TYPE gsheet, PROVIDER private_key, FILENAME '<path_to_JSON_file_with_private_key>');`
+
+You can skip steps 10, 11, and 12 since this extension will convert from your JSON file to a token on your behalf!
 
-Folow steps 13 and 14.
+Follow steps 13 and 14.
 
 This private key by default will not expire. Use caution with it.