Does superQuery store my sensitive data?
No. superQuery provides a non-intrusive web IDE and query optimization service on top of Google BigQuery’s database.
As such, we don’t store any customer data, but rather serve as a pass-through for the user’s query from our web IDE to our query optimization engine, and from there to Google BigQuery which will ultimately execute the query.
What data does superQuery receive and transmit?
As part of the query optimization process, superQuery processes the query’s metadata and the user’s metadata, and thus optimizes the query, improving query performance and reducing the query’s cost in many cases.
What scopes do you request access to in order for a user to use superQuery?
We ask for two Google OAuth 2.0 scopes, which tell us what we are allowed to do on behalf of the user. Even if we have scopes, it doesn’t mean we have permission to do anything.
Permissions are managed and defined by the user's GCP admin(s) in Google IAM and apply in superQuery as well.
We request the following scopes:
https://www.googleapis.com/auth/bigquery — View and Manage your data in Google BigQuery
https://www.googleapis.com/auth/cloud-platform — View and manage your data across Google Cloud Platform services
Why do you need access to these scopes?
The first scope allows the user to query their BigQuery data via the superQuery interface.
The second scope is required for use cases when a user wants to access other Google Cloud Platform services.
- Querying data stored in a Google Sheet in Google Drive
- Opening query results in a Google Sheet.
- Connecting your GCS Bucket so that downloaded results get stored there.
Does superQuery manage user access privileges to BigQuery tables and data?
No, superQuery passes the user's OAuth 2.0 Token to BigQuery as part of the query execution process. User access privileges are enforced by BigQuery based on your team's Google IAM settings.
My company is sensitive to the usage of Chrome extensions — is there another way we can use superQuery?
Yes. superQuery is a web-based IDE that you can access simply by logging in through the main website.
Can we use a service account to access superQuery instead of an OAuth 2.0 token?
Yes. Follow these instructions for setting up a service account in superQuery.
Do you base your security program on a recognized security standard?
Our security program guidelines are based on OWASP’s top 10 security risks.
If you have any questions that haven't been answered here, you can