Permissions, Privileges, and Uninstallation

This section combines all post-setup administration details, including privilege rationale, cleanup, and uninstallation.

Privilege Rationale (Security & Cost Control)

Minimal required app privileges

  • BIND SERVICE ENDPOINT – Allows the app to bind its internal web/API service endpoint

  • EXECUTE TASK – Enables scheduled automation

Client-managed resources

  • Compute Pools, Warehouses, External Access Integrations, and Network Rules are owned, paid for, and controlled by the client.

Benefits

  • Cost control (all billable compute is client-managed)

  • Security control (client defines allowed external hosts)

  • Full app functionality with minimal privileges

Role & Permissions Cleanup (Updates / Re-installs)

  • There is no automated revoke of previously granted privileges during updates.

  • Manually remove older grants except: keep BIND SERVICE ENDPOINT and EXECUTE TASK in place.

  • If services were altered, recreate connections to avoid confusion from legacy configurations.

Uninstallation

  1. In Installed Apps, open the app row menu (⋮) → Uninstall.

  1. Confirm to complete removal.

After uninstall

  • Re-install follows the same process and produces a new Application URL.

  • Secrets for connectors are destroyed → reconfigure connectors.

  • Schedules are deleted → re-enable scheduling after re-install.

PreviousPlatform Login and Network Access VerificationNextTroubleshooting

Last updated