One Deploy Setting Decides Your Security Model: Execute as / Access
The 'execute as' × 'who can access' combination sets data permissions and whether your code is exposed. Public apps need their own app-level auth.
haeminway haeminway 2 posts
The 'execute as' × 'who can access' combination sets data permissions and whether your code is exposed. Public apps need their own app-level auth.
Reuse the deployment ID when you push a new version with clasp and the /exec URL stays fixed. Guard shared sheet writes with LockService.